7500476132[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

5a9e1f1ec5...66.exe

windows7_x64

5a9e1f1ec5...66.exe

windows10-2004_x64

Resubmissions

24-05-2022 14:41

220524-r2jrgaadeq 10

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5a9e1f1ec578f5ce610a2a830a63b07280688818088c7c2999a6f3f2a5d5f566.exe

Resource

win7-20220414-en

lockbit evasion persistence ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5a9e1f1ec578f5ce610a2a830a63b07280688818088c7c2999a6f3f2a5d5f566.exe

Resource

win10v2004-20220414-en

lockbit evasion persistence ransomware

windows10-2004_x64

0 signatures

0 seconds

General

Target

7500476132.zip
Size

385KB
MD5

0cec276fcb9669b772e3995fd29653a8
SHA1

bf4e107761e572f3920676a20111547c945c246e
SHA256

8cd0262e8a1a7c54c00bdcabceca038d6608ebeba1c1dcf9de91b692245c89bb
SHA512

ae3e99f76cbc1f68a32f870c8fba92b47467d5d877912f66046174b9661d17928fec579ae0efc305d6d394e1d613dd9825f909f2d78bf1c2b192144e965abdb2
SSDEEP

12288:+j05WOwvDmvtoLh70tbaisl0+Em7kP0mOSfLChMtRg:B5W9DStcAtd60Yk6UJc

Score

N/A

Malware Config

Signatures

Files

7500476132.zip
.zip

Password: infected
5a9e1f1ec578f5ce610a2a830a63b07280688818088c7c2999a6f3f2a5d5f566
.exe windows x86

Password: infected

216df81b1ef7bc2aa8ec52bbeef137c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAppendW

activeds

ord9
ord15

kernel32

CreateProcessW
GetSystemTime
lstrlenW
LocalFree

advapi32

CheckTokenMembership
CreateWellKnownSid

ole32

CoCreateInstance
CoSetProxyBlanket

Sections

.text
Size: 896KB - Virtual size: 895KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 470B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy