93536a7a4871779f94f765be681af52a33830c50eebad7fedf33c2e921fce3d3 | Triage

Submit
Reports

Overview

overview

Static

static

93536a7a48...d3.exe

windows7_x64

93536a7a48...d3.exe

windows10_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

93536a7a4871779f94f765be681af52a33830c50eebad7fedf33c2e921fce3d3.exe

Resource

win7-en-20211208

ryuk evasion ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

93536a7a4871779f94f765be681af52a33830c50eebad7fedf33c2e921fce3d3.exe

Resource

win10-en-20211208

ryuk evasion ransomware

windows10_x64

0 signatures

0 seconds

Errors

Reason

config extraction: CfgExtr crashed: runtime error: slice bounds out of range [:35773] with capacity 32736

General

Target

93536a7a4871779f94f765be681af52a33830c50eebad7fedf33c2e921fce3d3
Size

122KB
MD5

6d5e018e9de53f8c7e5020103292cb99
SHA1

47cd7b8ffc9015eb7b9b143d10c2c0f119164ce6
SHA256

93536a7a4871779f94f765be681af52a33830c50eebad7fedf33c2e921fce3d3
SHA512

636f4d8ffb65a71069177d0e5cbb583a53eaa304222340e4f0d57ab88d2645f02e44c6bcdae629bf99a57ff66dea8291f9a7f5d3845aba44ef88e506f5c74fc4
SSDEEP

1536:hxOUyl20w8bVZQ40iMSO1fY+iUyQs2r8t5p1ySotICS4A6Ud4r0a5AY+AtivWl3:hMhQNDEtb3AiYePYtu

Score

N/A

Malware Config

Signatures

Files

93536a7a4871779f94f765be681af52a33830c50eebad7fedf33c2e921fce3d3
.exe windows x86

f3d46e2f8717ced6d4b220e65d6ad18a

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
lstrcmpiW
Sleep
VerSetConditionMask
VerifyVersionInfoW
lstrcmpA
SetThreadPriority

user32

MessageBoxW

oleaut32

SysAllocString
SysFreeString
VariantInit
VariantClear

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.v0rmpw
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy