Windows Analysis Report
172883838590084c8801d02646b8e714feffae85926b0947ea91abe26d95df9563b13aa054698.dat-decoded.exe

Overview

General Information

Sample name: 172883838590084c8801d02646b8e714feffae85926b0947ea91abe26d95df9563b13aa054698.dat-decoded.exe
Analysis ID: 1532618
MD5: 2b0c4f943bd5faa9ff1a19524dfae1fe
SHA1: 9ddee389d010e6edf131d59e1bd9a25aae81ef87
SHA256: 2ad0b05a69d900395e4ddb75a67eec129a60c7bc7407f05806204c286345c7dd
Tags: base64-decoded, exe, user-abuse_ch
Errors
  • No process behavior to analyse as no analysis process or sample was found
  • Corrupt sample or wrongly selected analyzer. Details: %1 is not a valid Win32 application.

Detection

Score: 52
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Multi AV Scanner detection for submitted file
Machine Learning detection for sample
PE file does not import any functions
Sample file is different than original file name gathered from version info

Classification

AV Detection

Source: 172883838590084c8801d02646b8e714feffae85926b0947ea91abe26d95df9563b13aa054698.dat-decoded.exe ReversingLabs: Detection: 13%
Source: 172883838590084c8801d02646b8e714feffae85926b0947ea91abe26d95df9563b13aa054698.dat-decoded.exe Virustotal: Detection: 19%
Source: 172883838590084c8801d02646b8e714feffae85926b0947ea91abe26d95df9563b13aa054698.dat-decoded.exe Joe Sandbox ML: detected
Source: 172883838590084c8801d02646b8e714feffae85926b0947ea91abe26d95df9563b13aa054698.dat-decoded.exe Static PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Source: 172883838590084c8801d02646b8e714feffae85926b0947ea91abe26d95df9563b13aa054698.dat-decoded.exe Static PE information: No import functions for PE file found
Source: 172883838590084c8801d02646b8e714feffae85926b0947ea91abe26d95df9563b13aa054698.dat-decoded.exe Binary or memory string: OriginalFilenameGerm.exe" vs 172883838590084c8801d02646b8e714feffae85926b0947ea91abe26d95df9563b13aa054698.dat-decoded.exe
Source: classification engine Classification label: mal52.winEXE@0/0@0/0
Source: 172883838590084c8801d02646b8e714feffae85926b0947ea91abe26d95df9563b13aa054698.dat-decoded.exe Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: 172883838590084c8801d02646b8e714feffae85926b0947ea91abe26d95df9563b13aa054698.dat-decoded.exe Static file information: TRID: Win32 Executable (generic) Net Framework (10011505/4) 49.83%
Source: 172883838590084c8801d02646b8e714feffae85926b0947ea91abe26d95df9563b13aa054698.dat-decoded.exe Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
Source: 172883838590084c8801d02646b8e714feffae85926b0947ea91abe26d95df9563b13aa054698.dat-decoded.exe Static PE information: section name: .text entropy: 7.125639902541728
No contacted IP infos