Trojan.MSIL.Spammer.HA

By CagedTech in Spam, Trojans

Table of Contents

Analysis Report

General information

Family Name:	Trojan.MSIL.Spammer.HA
Signature status:	No Signature

Known Samples

MD5: b1fad3dfa49c4406d2107728df0a8de2

SHA1: 034980e7b47e08ba137ef6ff8cb870a1f799793b

SHA256: C0BC2CD2E18BB95C6EC974CF8B7C8D6FEB601D67DE3111E750A78987042216EC

File Size: 2.73 MB, 2734592 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have exports table
File doesn't have security information
File is .NET application
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name	Value
Assembly Version	1.1.0.2
Comments	A u t o V o L a m (A u t o V o L a m )
Company Name	h t t p : / / AutoVolam . net
File Description	A u t o V o L a m (A u t o V o L a m )
File Version	1.0.0.0
Internal Name	AutoVolam.exe
Legal Copyright	h t t p : / / AutoVolam . net
Original Filename	AutoVolam.exe
Product Name	h t t p : / / AutoVolam . net
Product Version	1.0.0.0

File Traits

.NET
ntdll
RijndaelManaged
WriteProcessMemory
x86

Block Information

Total Blocks:	2,799
Potentially Malicious Blocks:	2,560
Whitelisted Blocks:	176
Unknown Blocks:	63

Visual Map

x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x ? 0 0 0 0 x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x 0 x x x x x x x x x x x x x x 0 0 0 0 0 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x 0 x x x x x 0 x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x ? ? x x x x x x x x ? x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x ? x x x x x x x x x x x x x x x x x x x x x ? x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 ? x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x ? 0 x ? x x x x x x x x x 0 x x 0 x x x x x x 0 0 x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x 0 x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x ? x ? x x ? 0 x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x ? x x ? x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x ? x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 x x 0 0 x x x ? x x x x x x 0 x x x ? x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x ? x x x x x x x x 0 x x x x x x x x x x x x x x x 0 0 0 x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 x x x x x x x x x 0 x 0 x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x ? 0 x x 0 0 ? x 0 x x ? 0 ? x x x x x x ? 0 x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x ? x 0 x x 0 x x x x x x x ? x ? x 0 x x x x x x x 0 x x 0 x x x x x x 0 x 0 x x x x 0 x x x x 0 x x x x x x 0 0 x x x 0 x x x x x x x x x x x x 0 x x 0 0 x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x 0 x x x x x x x x x x x x 0 x x x 0 x x x x x x x 0 x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x 0 x 0 0 x x x x x x x x x x 0 x x x x x x 0 x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x 0 x x x 0 0 x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x 0 x x x 0 x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x

... Data truncated

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

MSIL.Spammer.HA

Windows API Usage

Category	API
User Data Access	GetUserDefaultLocaleName GetUserObjectInformation
Anti Debug	IsDebuggerPresent NtQuerySystemInformation
Encryption Used	BCryptOpenAlgorithmProvider

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Trojan.MSIL.Spammer.HA

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

File Traits

Block Information

Block Information

Visual Map

Similar Families

Similar Families

Windows API Usage

Windows API Usage

Submit Comment

Trending

PUP.NetZone.A

Trojan.MSIL.Dropper.ABCA

PUP.WaveMax Sound Editor

Most Viewed

Pornktube.porn

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen