28df46fe9876341394f8f0e4dcf17bd76f451ea8347104470acb59291f1735ce | Triage

Submit
Reports

Overview

overview

Static

static

28df46fe98...ce.exe

windows7_x64

28df46fe98...ce.exe

windows10-2004_x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

28df46fe9876341394f8f0e4dcf17bd76f451ea8347104470acb59291f1735ce.exe

Resource

win7-20220414-en

locky ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

28df46fe9876341394f8f0e4dcf17bd76f451ea8347104470acb59291f1735ce.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

General

Target

28df46fe9876341394f8f0e4dcf17bd76f451ea8347104470acb59291f1735ce
Size

770KB
MD5

8ac7c66efdeefceea010123faa515cdf
SHA1

961c26caade6bb374efb19319411f04183af2cb0
SHA256

28df46fe9876341394f8f0e4dcf17bd76f451ea8347104470acb59291f1735ce
SHA512

621d2229400f1900fa78852551b2447577d72b5fe482206b3a2c37c928c9db12057419fde4e5cf81e5deb086618d128b5db1dac7fb26b5fc44ab2765e508c798
SSDEEP

12288:umSZieXwRXdhAjxf//BC/HOEzD+QpJ3M1jhUIDMNE+MX6Bln:u9XqetHw/ZXbJUjHoGT6Bl

Score

N/A

Malware Config

Signatures

Files

28df46fe9876341394f8f0e4dcf17bd76f451ea8347104470acb59291f1735ce
.exe windows x86

e8b43a09dc4513bb5796962ca2fa39d3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

InSendMessage
GetMessageExtraInfo
GetInputState
GetMessagePos
GetOpenClipboardWindow

shell32

SHGetFileInfoA

rpcrt4

NdrSimpleStructUnmarshall

kernel32

IsSystemResumeAutomatic
GetUserDefaultLCID
GetUserDefaultLangID
GetThreadLocale
GetSystemDefaultLCID
SetFileApisToANSI
LCIDToLocaleName
VirtualQuery
IsProcessorFeaturePresent
GetFileAttributesW
GetCurrentThreadId
CreateFileA
GetLastError
ExitProcess
GetCommandLineA
lstrlenA

shlwapi

SHStrDupW

winscard

SCardFreeMemory
SCardListReadersA

msvcrt

printf
isupper
memset
puts
wcslen
memcpy

avifil32

AVIBuildFilterA

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

p9servh
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 644KB - Virtual size: 644KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sbss
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy