Multi-License Discount Quote

Change Region

English
Threat Database Trojans Trojan.LoadMoney.BA

Trojan.LoadMoney.BA

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 25,990
Threat Level: 80 % (High)
Infected Computers: 1
First Seen: November 5, 2022
Last Seen: December 8, 2025
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.LoadMoney.BA
Signature status: No Signature

Known Samples

MD5: d7cb6218c7f7b86ca7be275fffc77751
SHA1: 8bd1168f7b14d549666820c4af0176d730bda405
SHA256: A1004983160BD4775F680760E96F2690E5752ECAD3C26AA820E17CB45DD8C981
File Size: 1.32 MB, 1315480 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have exports table
  • File doesn't have resources
  • File doesn't have security information
  • File has TLS information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
Show More
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Traits

  • fptable
  • HighEntropy
  • No Version Info
  • x86

Block Information

Total Blocks: 3,163
Potentially Malicious Blocks: 406
Whitelisted Blocks: 2,757
Unknown Blocks: 0

Visual Map

x 0 x 0 1 x x x x 0 0 0 x x x x x x x x x x x x x x x x 0 0 0 x x x 0 x x 0 0 0 x x 0 0 0 x x x x x 0 x x 0 x x 0 0 x x x x x x 0 0 x 0 0 0 0 x 0 0 x x x 0 x x x x 0 0 x x x x 0 x 0 0 0 0 x x x 0 0 x x x x x x x x x x x x x x 0 0 x x x x x x 0 x x x x x x x x 0 x x 0 x x x x x x x x x x x x 0 0 0 x x x x x x x x x x x x x 0 x x x 0 x 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 x x 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x x 0 0 0 0 0 0 0 0 x 0 0 x x x 0 x x 0 x x 0 x x 0 0 x x x 0 x 0 0 x x 0 x x 0 0 x x x 0 0 x x x x x 0 x 0 x 0 x x x x x x x x x x 0 0 x x x x x x 0 x 0 1 1 x 0 x x x x x 0 x x x x 0 x 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 x 0 x 0 0 0 x 0 0 x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 x x x x 0 x 0 x x 0 0 0 x 0 x x 0 0 x 0 x 0 x 0 0 0 x 0 x 0 0 0 0 x 0 0 x x 0 0 0 0 x x x 0 0 0 0 0 0 0 0 0 x 0 x 0 0 x 0 0 0 0 x x x x x x x x x x x x x x x x x x x x x x x 0 x 0 x 0 x x x x x x x 0 x x x x x x x x x x x x x x 0 0 0 0 x 0 x x 0 0 0 0 x x x x 0 x x x x x x x x x 0 0 x 0 0 0 x x x x x 0 x x x x 0 x 0 x x 0 0 0 x x 0 0 0 x x 0 x x x x x 0 0 x x x x 0 x x x 0 0 x 0 x 0 x x x 0 x 0 x 1 0 x x x x 0 0 0 x x x x x x 0 x 0 0 x 0 0 x x x x x x x x x x x 0 x x x x x x x x x x x x x 0 0 x x x x x x x x x x x x x x x x x x x x x x 0 0 x x x x x x x x x x x x x x x x x 0 0 x 0 0 x 0 x x x x x x x 0 x x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 1 0 0 0 0 0 0 2 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 1 1 0 0 0 0 0 2 2 2 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 2 0 0 2 2 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
... Data truncated
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • Kryptik.JON
  • LoadMoney.BA

Registry Modifications

Key::Value Data API Name
HKLM\system\controlset001\services\dnscache::id k1w3ALlbWdu3OcRTW143OXjMrbUcPKtHILip7s/jbmhIxhqe/jvOkQ== RegNtPreCreateKey

Windows API Usage

Category API
Other Suspicious
  • AdjustTokenPrivileges
Process Manipulation Evasion
  • ReadProcessMemory

Trending

Most Viewed

Loading...