5d38ebafe05f6b9a2a94dd107bdda796b33563865ca6a1b9e562bcea63526a8e | Triage

Submit
Reports

Overview

overview

Static

static

5d38ebafe0...8e.exe

windows7_x64

5d38ebafe0...8e.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5d38ebafe05f6b9a2a94dd107bdda796b33563865ca6a1b9e562bcea63526a8e.exe

Resource

win7-en-20211208

balaclava ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5d38ebafe05f6b9a2a94dd107bdda796b33563865ca6a1b9e562bcea63526a8e.exe

Resource

win10v2004-en-20220113

balaclava ransomware

windows10-2004_x64

0 signatures

0 seconds

General

Target

5d38ebafe05f6b9a2a94dd107bdda796b33563865ca6a1b9e562bcea63526a8e
Size

70KB
MD5

fa7bc80be251a4ab8f68be18149b50f1
SHA1

eeed35174700516ad6d500b7976d3ff86582579c
SHA256

5d38ebafe05f6b9a2a94dd107bdda796b33563865ca6a1b9e562bcea63526a8e
SHA512

e1828e9e20cbb9fd06d2addf446b957ccce96739adb286bc57c68f0b23269ec1ac27b7e0e14d96718b405834d117e56db9cd1c8bcc739b8d650f58e5b74e4ee9
SSDEEP

1536:xx9plNxPp2z+rbwKZZ1Rstg5bccGcXrajYCgK:b9plNxPpH3bc2reYCJ

Score

N/A

Malware Config

Signatures

Files

5d38ebafe05f6b9a2a94dd107bdda796b33563865ca6a1b9e562bcea63526a8e
.exe windows x86

584ff86ebb6fcc9b99f3f14321659748

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
HeapAlloc
HeapFree
GetProcessHeap
GetLastError
GetEnvironmentVariableW
CreateFileW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetDriveTypeW
GetLogicalDrives
QueryDosDeviceW
ReadFile
SetFilePointer
WriteFile
GetTempPathW
GetVolumePathNamesForVolumeNameW
CloseHandle
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeConditionVariable
WakeAllConditionVariable
Sleep
WaitForMultipleObjects
GetCurrentProcess
ExitProcess
CreateThread
GetCurrentThread
SetThreadPriority
SetPriorityClass
GetWindowsDirectoryW
GetModuleFileNameW
lstrcatW
lstrlenA
lstrlenW
SetVolumeMountPointW
FindClose
FindFirstFileW
FindNextFileW
SetFileAttributesW
WakeConditionVariable
SleepConditionVariableCS
ExitThread
lstrcpyW
GetFileSizeEx
SetEndOfFile
SetFilePointerEx
MoveFileExW

shell32

SHChangeNotify
ShellExecuteExW

ntdll

memcpy
_chkstk
memset
memmove
_wcsicmp
NtQueryVirtualMemory
RtlUnwind
_itoa

Sections

.rdata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy