99885a3cd64212e5d210c9db4bcae5b1[.]bin | Triage

Submit
Reports

Overview

overview

Static

static

1

537a2fd4d2...ba.exe

windows7-x64

537a2fd4d2...ba.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

537a2fd4d214a212df06fb73b19ba945672eaf18d64cc30d8e99ab6a0d7cb9ba.exe

Resource

win7-20230220-en

evasion ransomware trojan

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

537a2fd4d214a212df06fb73b19ba945672eaf18d64cc30d8e99ab6a0d7cb9ba.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

99885a3cd64212e5d210c9db4bcae5b1.bin
Size

664KB
MD5

a02c81fc97802df4c8376d1c12e6820d
SHA1

91ce4858d1edba5449856f575ee4e898884690c4
SHA256

f2ba235a1a6ed44f40871da1e439d16343962b12b7cb0d980c66c9e9552aeb8a
SHA512

5cb5725de0675fa40678211a70886e83cac834fdf72fec2b1e35386d609c9bfb939b99b352124a3f101a23620682dbc259a39cd1eefdcf1ea127a38979e22f1c
SSDEEP

12288:4tt3d/Ys91W5MGE8LErJLyfgSsiVMx3ZsH2Q9NMwJvQiUcOso3W91:i/Ymb+0SsiGx6/NMwy0O/WD

Score

1^/10

Malware Config

Signatures

Files

99885a3cd64212e5d210c9db4bcae5b1.bin
.zip

Password: infected
537a2fd4d214a212df06fb73b19ba945672eaf18d64cc30d8e99ab6a0d7cb9ba.exe
.exe windows x86

Password: infected

32c5de998b5f069b26c94c8143b13c06

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

kernel32

GetModuleFileNameW

user32

GetWindow

advapi32

RegDeleteKeyA

shell32

SHGetFolderPathW

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 752KB - Virtual size: 752KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy