nht-refund[.][.][.]exe | Triage

Submit
Reports

Overview

overview

Static

static

1

nht-refund...exe

windows7-x64

nht-refund...exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

nht-refund...exe

Resource

win7-20230220-en

warzonerat infostealer rat

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

nht-refund...exe

Resource

win10v2004-20230220-en

warzonerat infostealer rat

windows10-2004-x64

9 signatures

150 seconds

General

Target

nht-refund...exe
Size

579KB
MD5

6ca65058e490b038710bd1e2ac8cb457
SHA1

c66ea296401994d1d352b2795b70dd38f7eb4f88
SHA256

f5e9af8a842e3d0ab3b48e83151a43a1514ed4f8772da1819d27558b62901b3b
SHA512

f3f473a6e7335b39cdd212ce287070e2f092cc550bd836ca66808b3483ef48c6152ad41a5f9a120c22c268af3960768b6fb7e03a8861bf444052c7cf1476229f
SSDEEP

12288:sctmABdVLhcA9D/4BjCAYEKRkx/yX0chSSuPA:sqdpkBtqoaXLMS+

Score

1^/10

Malware Config

Signatures

Files

nht-refund...exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 576KB - Virtual size: 575KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy