33b62b95281bb0ecbad2523bb99e4853fd516044b8f2b42ef4a1e29903e7bd0f | Triage

Submit
Reports

Overview

overview

Static

static

33b62b9528...0f.exe

windows7_x64

33b62b9528...0f.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

33b62b95281bb0ecbad2523bb99e4853fd516044b8f2b42ef4a1e29903e7bd0f.exe

Resource

win7-20220414-en

locky ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

33b62b95281bb0ecbad2523bb99e4853fd516044b8f2b42ef4a1e29903e7bd0f.exe

Resource

win10v2004-20220414-en

locky persistence ransomware

windows10-2004_x64

0 signatures

0 seconds

General

Target

33b62b95281bb0ecbad2523bb99e4853fd516044b8f2b42ef4a1e29903e7bd0f
Size

580KB
MD5

86927f4d92665747679ab72a9be87b05
SHA1

35549e85c4cb875e1710afaf274aeead50e06752
SHA256

33b62b95281bb0ecbad2523bb99e4853fd516044b8f2b42ef4a1e29903e7bd0f
SHA512

33255234e1a1a7c19d92e503a57cecef9e1cb46ff5472f2416772a0e9087c111edded597618bb73ee8494c0bc23924d97396b1bc5f2657e946c6e1552696381f
SSDEEP

12288:5ytq8213MaAOYetrMrM0uPDzcjmA13QwncT0GT7t5uHcSpF:5yE8MMatYerMNu78h13QIcTJvt2V

Score

N/A

Malware Config

Signatures

Files

33b62b95281bb0ecbad2523bb99e4853fd516044b8f2b42ef4a1e29903e7bd0f
.exe windows x86

8e24fa1c3874857edd3d313e803df173

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

certcli

CACloseCA
CADeleteCA
CAEnumFirstCA
CAEnumNextCA
CACloseCertType

cmutil

CmFree
CmMalloc
CmMoveMemory

kernel32

SetErrorMode
GetFileAttributesA
LoadLibraryExA
GetModuleHandleA
GetLogicalDriveStringsA
GetProcAddress
CreateMailslotW
GetCommandLineW
GetLongPathNameA
CreateFileW
MoveFileExW
UnmapViewOfFile
GetTickCount
WaitForSingleObject
CreateSemaphoreA

advapi32

LogonUserW
CryptSignHashW
InitializeSid
RegEnumKeyA
OpenEventLogA
ClearEventLogW
RegDeleteValueA
RegRestoreKeyA
RegReplaceKeyW
RegCreateKeyExW
RegSaveKeyA

untfs

Recover
FormatEx

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 520KB - Virtual size: 520KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy