ContiRansomware | Triage

Submit
Reports

Overview

overview

Static

static

ContiRansomware.exe

windows7_x64

ContiRansomware.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ContiRansomware.exe

Resource

win7-20220414-en

conti ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ContiRansomware.exe

Resource

win10v2004-20220414-en

conti ransomware

windows10-2004_x64

0 signatures

0 seconds

General

Target

ContiRansomware
Size

101KB
MD5

b7b5e1253710d8927cbe07d52d2d2e10
SHA1

596f1fdb5a3de40cccfe1d8183692928b94b8afb
SHA256

eae876886f19ba384f55778634a35a1d975414e83f22f6111e3e792f706301fe
SHA512

e56398bc1d27288504004486eb1b843f8c5462c5af3e4f076d5083890424a33149c402cb4da23b34d624746bbc0d15e1798427793d93ff93972ed081493d9b37
SSDEEP

1536:YzkzMy2546PtngS719+T0gdGpwW2XtaJp7fd8OUfB4VH9qNwpWblz:RX2C29+4g8wW2XtO7l8OUGx9qNwp6

Score

N/A

Malware Config

Signatures

Files

ContiRansomware
.exe windows x86

30fe3f044289487cddc09bfb16ee1fde

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrIA

kernel32

GetCommandLineW
lstrcpyA
LoadLibraryA
GetProcAddress
lstrcmpiW
CreateMutexA
ReleaseMutex
MultiByteToWideChar
CloseHandle

shell32

CommandLineToArgvW

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy