129940eb6b4747b1569e7da5f37157db[.]bin | Triage

Submit
Reports

Overview

overview

Static

static

1

7ba9294f10...32.exe

windows7-x64

7ba9294f10...32.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

7ba9294f10f99747124f01c3564c8a127057507932edda9806476f186e534c32.exe

Resource

win7-20230220-en

nanocore evasion keylogger persistence spyware stealer trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

7ba9294f10f99747124f01c3564c8a127057507932edda9806476f186e534c32.exe

Resource

win10v2004-20230220-en

nanocore evasion keylogger persistence spyware stealer trojan

windows10-2004-x64

12 signatures

150 seconds

Errors

Reason

config extraction: missing cfgextr callback for rule "Gozi_FJ_loader_0"

General

Target

129940eb6b4747b1569e7da5f37157db.bin
Size

663KB
MD5

9db0f996c49e13ef49f0f0841b7a85ca
SHA1

e0caa2d64c93a0cabeb6bf768b5f34518bb2130f
SHA256

81bd2fb64159b04490708e766f0449c15ffbc9c262642fe3b3eb79664c9a3d75
SHA512

e2083ea94a05e5944f26b98378af367af8f3406ec26d6bd55cabaf58cc64eca7c89ed7eec86efaf5767186aacba565366737bcedc2a4e41300478c505be11680
SSDEEP

12288:/aJa1CYq+GOeiHrx1PHq/XUqDolG8d7w/89o3zIONX0Hh9EeO7TY3Xd2:71duOeCVCUqDolG8ub3zIONkHb52

Score

1^/10

Malware Config

Signatures

Files

129940eb6b4747b1569e7da5f37157db.bin
.zip

Password: infected
7ba9294f10f99747124f01c3564c8a127057507932edda9806476f186e534c32.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 749KB - Virtual size: 748KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy