Windows Analysis Report
Order.gz.exe

Overview

General Information

Sample Name: Order.gz.exe
Analysis ID: 882714
MD5: 856dbd09409da8b58b98d75bb8b6c7c0
SHA1: 04ac238a5349afe2f3f0a2dffad9cf615130b674
SHA256: 8873e65ad529e832113ee75d5bc8e3a18d150ed475c09e0c6f5ce1458f0bf9a3
Tags: exeSTRRAT
Infos:
Errors
  • No process behavior to analyse as no analysis process or sample was found
  • Corrupt sample or wrongly selected analyzer. Details: C000007B

Detection

RATDispenser
Score: 56
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Multi AV Scanner detection for submitted file
Yara detected RATDispenser

Classification

AV Detection
barindex
Multi AV Scanner detection for submitted file
Source: Order.gz.exe ReversingLabs: Detection: 45%
Source: Order.gz.exe Virustotal: Detection: 44% Perma Link
Source: Order.gz.exe ReversingLabs: Detection: 45%
Source: Order.gz.exe Virustotal: Detection: 44%
Source: classification engine Classification label: mal56.troj.winEXE@0/0@0/0

Data Obfuscation
barindex
Yara detected RATDispenser
Source: Yara match File source: Order.gz.exe, type: SAMPLE

No Screenshots

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 882714 Sample: Order.gz.exe Startdate: 06/06/2023 Architecture: WINDOWS Score: 56 5 Multi AV Scanner detection for submitted file 2->5 7 Yara detected RATDispenser 2->7
No contacted IP infos