Windows Analysis Report
SecuriteInfo.com.Trojan.PWS.Tinba.290.16391.16110.exe

Overview

General Information

Sample name: SecuriteInfo.com.Trojan.PWS.Tinba.290.16391.16110.exe
Analysis ID: 1446239
MD5: c12e236fe93b9468443b22593bd2c9ae
SHA1: 63cbedfb8cae251baf73c53d6b74a46d4314fe17
SHA256: 3e4993110001bf7b1850a282bf6725772ff6c186f97abac2a00056b8b0aee8b8
Tags: exe
Errors
  • No process behavior to analyse as no analysis process or sample was found
  • Corrupt sample or wrongly selected analyzer. Details: %1 is not a valid Win32 application.

Detection

Score: 52
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Multi AV Scanner detection for submitted file
Machine Learning detection for sample
PE file does not import any functions
PE file overlay found
Sample file is different than original file name gathered from version info
Uses 32bit PE files

Classification

AV Detection
barindex
Multi AV Scanner detection for submitted file
Source: SecuriteInfo.com.Trojan.PWS.Tinba.290.16391.16110.exe ReversingLabs: Detection: 58%
Machine Learning detection for sample
Source: SecuriteInfo.com.Trojan.PWS.Tinba.290.16391.16110.exe Joe Sandbox ML: detected
Uses 32bit PE files
Source: SecuriteInfo.com.Trojan.PWS.Tinba.290.16391.16110.exe Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
PE file does not import any functions
Source: SecuriteInfo.com.Trojan.PWS.Tinba.290.16391.16110.exe Static PE information: No import functions for PE file found
PE file overlay found
Source: SecuriteInfo.com.Trojan.PWS.Tinba.290.16391.16110.exe Static PE information: Data appended to the last section found
Sample file is different than original file name gathered from version info
Source: SecuriteInfo.com.Trojan.PWS.Tinba.290.16391.16110.exe Binary or memory string: OriginalFilenameDATA.exe vs SecuriteInfo.com.Trojan.PWS.Tinba.290.16391.16110.exe
Uses 32bit PE files
Source: SecuriteInfo.com.Trojan.PWS.Tinba.290.16391.16110.exe Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
Source: SecuriteInfo.com.Trojan.PWS.Tinba.290.16391.16110.exe Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: classification engine Classification label: mal52.winEXE@0/0@0/0
Source: SecuriteInfo.com.Trojan.PWS.Tinba.290.16391.16110.exe Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: SecuriteInfo.com.Trojan.PWS.Tinba.290.16391.16110.exe ReversingLabs: Detection: 58%
Source: SecuriteInfo.com.Trojan.PWS.Tinba.290.16391.16110.exe Static PE information: section name: .text entropy: 6.952451638356679
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1446239 Sample: SecuriteInfo.com.Trojan.PWS... Startdate: 23/05/2024 Architecture: WINDOWS Score: 52 5 Multi AV Scanner detection for submitted file 2->5 7 Machine Learning detection for sample 2->7
No contacted IP infos