worker 2[.]bin | Triage

Submit
Reports

Overview

overview

Static

static

1

worker 2.exe

windows7-x64

worker 2.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

worker 2.exe

Resource

win7-20230220-en

persistence ransomware

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

worker 2.exe

Resource

win10v2004-20230220-en

persistence ransomware

windows10-2004-x64

10 signatures

150 seconds

General

Target

worker 2.bin
Size

1.1MB
MD5

c66ef3007a36023cbee0cf24ad95246c
SHA1

bd028575a6313524b16ff54204bbe4a60708159f
SHA256

0bb8e0a1827e48b851b152f46b68d0b8c0f8d7fb315bca2c204c42f153d13ac6
SHA512

ea7a0180c03687738aee49aa9440ddb73e8354efccef3c6102979b313907e41d47f4380b3ef274f1483736cf4ff62a32ef13cbfd5564ad861dd8b3e825f58689
SSDEEP

24576:BJZEZJPVUVTmTj0CfOZuzhg1HREnUjwSGvQ+giNxMOacZR:BJZEPPMT2j0CGZuimnUVGvQ+giNOOPR

Score

1^/10

Malware Config

Signatures

Files

worker 2.bin
.exe windows x86

900a5641d85f1db8128310252e51b07f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
Sleep
lstrcmpiA
lstrcpyA
GlobalFree
GlobalAlloc
GetVersion
GetModuleFileNameA
GetLastError
GetEnvironmentVariableA
ExitProcess
CreateProcessA
CreateFileA
lstrcatA
CloseHandle

advapi32

StartServiceA
OpenServiceA
OpenSCManagerA
LookupAccountSidA
GetUserNameA
DeleteService
CreateServiceA
ConvertStringSidToSidA
CloseServiceHandle
StartServiceCtrlDispatcherA

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy