medusalocker | becba2e3587003375b03ab0fd05faa631cd9411164362ff41808c26890e638d3 | Triage

Sharing

General

Target

becba2e3587003375b03ab0fd05faa631cd9411164362ff41808c26890e638d3
Size

696KB
MD5

a4d5e90cfae904fe6f36465baf8a83eb
SHA1

de0b0252e636caf6a0fae91fbde3ace0dc4a6bf3
SHA256

becba2e3587003375b03ab0fd05faa631cd9411164362ff41808c26890e638d3
SHA512

cfc5acc68336f19591fd2fd79a1b77881ca3587124b96d04407571a4da48d3aa555756133fe0aa9ab3ce5bcd7ddd5ee7138ef9293925aea213fc3f8062f31fc6
SSDEEP

12288:3K5m/Be8Wp8KamyNmnEG+lsLFwcq6us9xZwiBb/osM+oM7:5o8AZpyNmnEGAsLm9cZwmoNfM

Score

10^/10

medusalocker

Malware Config

Signatures

MedusaLocker Payload 1 IoCs

resource	yara_rule
sample	family_medusalocker

Medusalocker family
medusalocker

Files

becba2e3587003375b03ab0fd05faa631cd9411164362ff41808c26890e638d3
.exe windows x86

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 461KB - Virtual size: 460KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ