Stub.exe Trojan Banker Analysis

Trojan Banker
Updated on 2024-05-26 (22 days ago)
Checked by Online Virus Scanner
Online Virus Checkerv.1.0.177.174
DB Version:2024-05-26 12:00:28

Trojan.Win64.Banker.sa

A Banker Trojan, often referred to as a Banking Trojan or Bank Trojan, is a type of malware specifically designed to target online banking and financial services. These Trojans are created with the primary objective of stealing sensitive financial information, such as login credentials, account numbers, and personal identification details, from victims who use online banking platforms. The stolen information is then typically used for financial fraud, unauthorized transactions, or identity theft.

Filestub.exe
Checked2024-05-26 10:05:11
MD5dc5265e1f8d5aabba54ecdf5cca30197
SHA1f70441287cfea525074c0c28fb1075a85236fca2
SHA2568e259f70d544f19191e826f1589bd85bce399b67a54178124f5e9d41d9441dcc
SHA5126cd8e8668f35382c2a0cddb401e633c99fcb2cce7129a2037e2fb80c61bd169426d20fd26fb0de72a9a772ebfab5970245c3f7ae55af69d93464354d3f90f157
Imphashf4f2e2b03fe5666a721620fcea3aea9b
File Size2210194 bytes

Trojan.Win64.Banker.sa Removal

Trojan.Win64.Banker.sa Removal

Gridinsoft has the capability to identify and eliminate Trojan.Win64.Banker.sa without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

Portable Executable Info

99f8909119f22355b3423d4cad169539
c5a2ab820da81f9db77abd76bbd9764e
c6c2ccc4f4e0e0f8
Image Base:0x140000000
Entry Point:0x14000c540
Compilation:2024-05-25 18:31:23
Checksum:0x00221be3 (Actual: 0x00221be3)
OS Version:5.2
PEiD:PE32+ executable (GUI) x86-64, for MS Windows
Sign:The PE file does not contain a certificate table.
Sections:7
Imports: USER32, COMCTL32, KERNEL32, ADVAPI32, GDI32,
Exports: 0
Resources:9

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00001000 0x0002afb0 0x0002b000 40bf1edebd1304ce1b08c50cb556d4db 6.50
.rdata 0x0002c000 0x00012f36 0x00013000 bfc9c61fa3775bb8540bf0eea4d33ebe 5.83
.data 0x0003f000 0x000033b8 0x00000e00 ae0f42b168987b17129506ccc4960b21 1.83
.pdata 0x00043000 0x0000231c 0x00002400 ffc5390666982cab67e3c9bf8e263bc3 5.38
_RDATA 0x00046000 0x000001f4 0x00000200 771f0b097891d31289bb68f0eb426e66 3.71
.rsrc 0x00047000 0x0000f41c 0x0000f600 455788c285fcfdcb4008bc77e762818a 7.55
.reloc 0x00057000 0x00000758 0x00000800 7ecf18b15822e1aa4c79b9a361f07c79 5.25

Leave a comment*

Share your thoughts or insights about this file. Do you align with our conclusion?

*Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Please Wait...

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Gridinsoft Anti-Malware