ramd.exe    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Behavior analysis report:         Habo file analysis
Basic Information
file name:ramd.exe
file type:EXE x86
Submission time:2018-10-11 22:00:53
Threat level:clean
MD5:22288fc8a0b96e5d213503aa9401b81b
sha256:a8e266f68f5412c96e6ea030fe274df3a110af879e04a868bd055ac9088d1957
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Abnormal flow detection system:0
Hunting system:0
DGA domain name recognition system:0
Network behavior report
domains:0
dns:0
http:0
hosts:2
Document release report
File release report not detected
File process number report
Process details:0
Document behavior signature report
api:IsDebuggerPresent
category:system
type:call
category:0
ioc:0
type:generic
category:0
ioc:0
type:generic
Static information
PE section table information
Section name:UPX0
Virtual address:0x00001000
Physical address:0x00000400
Physical size:0x00000000
Section permissions:RWE
Section name:UPX1
Virtual address:0x00061000
Physical address:0x00000400
Physical size:0x0004f400
Section permissions:RWE
Section name:.rsrc
Virtual address:0x000b1000
Physical address:0x0004f800
Physical size:0x00001600
Section permissions:RW-
PE basic information
import_hash:ab8abbde85e44464a5696ddb5748fe6f
time_stamp:2015-01-13 05:20:37
entry_point_section:UPX1
image_base:0x400000
entry_point:0xaf6a0
PE resource information
name:XMMOD
language:LANG_ENGLISH
filetype:empty
sublanguage:SUBLANG_ENGLISH_US
offset:0x00056fa8
size:0x00053169
name:RT_BITMAP
language:LANG_ENGLISH
filetype:empty
sublanguage:SUBLANG_ENGLISH_US
offset:0x00026190
size:0x0002fd58
name:RT_ICON
language:LANG_ENGLISH
filetype:data
sublanguage:SUBLANG_ENGLISH_US
offset:0x000b1188
size:0x000010a8
name:RT_GROUP_ICON
language:LANG_ENGLISH
filetype:MS Windows icon resource - 1 icon
sublanguage:SUBLANG_ENGLISH_US
offset:0x000b2234
size:0x00000014
name:RT_MANIFEST
language:LANG_ENGLISH
filetype:XML 1.0 document text
sublanguage:SUBLANG_ENGLISH_US
offset:0x000b224c
size:0x0000017d
