Trojan-Ransom[.]Win32[.]Blocker[.]fzvx-76b96686bc77a33a23d35831065b8267ffd8ef72c316b6beb25dab0ad5198356

Sharing

Copy URL Twitter E-mail

General

Target

Trojan-Ransom.Win32.Blocker.fzvx-76b96686bc77a33a23d35831065b8267ffd8ef72c316b6beb25dab0ad5198356
Size

180KB
MD5

b6216cfe1ccf54cda93eaebf85eccf6f
SHA1

fa81b4ec4b27ad326f4d3fb13178c6037a30ef32
SHA256

76b96686bc77a33a23d35831065b8267ffd8ef72c316b6beb25dab0ad5198356
SHA512

974acc9206bfe9f4260270469b26417f6f9cf33b17d378a73ea92995073df296cb9dca78562c34ba3bc5f58c6320db456eedfa00b3e6d979ce7d8cdb04f69ad9
SSDEEP

3072:cJZQ5VmVhi0x8FxE04hsSmG3FTR+Deb8B/20uh6NGMfkZahGRznjWgZ11H0l+WuH:HAhN+E04h71N+Sb86hqGOkZlzjWgZXH+

Score

N/A

Malware Config

Signatures

Files

Trojan-Ransom.Win32.Blocker.fzvx-76b96686bc77a33a23d35831065b8267ffd8ef72c316b6beb25dab0ad5198356
.exe windows x86

8a163404a52e15cf4e2b5d9604935bc4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
VirtualLock
FlushInstructionCache
FreeLibrary
TlsGetValue
GetModuleHandleA
FileTimeToSystemTime
VirtualQuery
LocalShrink
EnterCriticalSection
VirtualFree
GetConsoleOutputCP
GetThreadLocale
SetEvent
SetLocalTime
GetACP
LeaveCriticalSection
SetConsoleCursorPosition
BindIoCompletionCallback
InitializeCriticalSection
Sleep
LoadLibraryA
LoadResource
InitAtomTable
VirtualAlloc
GetUserDefaultUILanguage
InterlockedIncrement
CreateEventA
GetCPInfoExA
DeleteCriticalSection
IsDBCSLeadByteEx
ExitProcess
CancelIo
GlobalDeleteAtom
GetProcAddress
BackupWrite
HeapUnlock
MultiByteToWideChar
LocalReAlloc
WaitForSingleObject
CloseHandle
VirtualProtect
GetLastError
DeleteAtom
GlobalSize

shell32

SHLoadNonloadedIconOverlayIdentifiers
WOWShellExecute
SHSetUnreadMailCountW
SHIsFileAvailableOffline
SHBindToParent
DragFinish
SHParseDisplayName
SHGetDiskFreeSpaceA
SHCreateQueryCancelAutoPlayMoniker
SheSetCurDrive
DuplicateIcon
SHOpenFolderAndSelectItems
SHExtractIconsW

msvcrt

realloc
setlocale
fclose
__dllonexit
_stricmp
strlen
calloc
free
_vsnwprintf
bsearch
fputc
strcmp
_vsnprintf
strchr
_strnicmp
strcpy
memcpy
fputwc
strncmp
getenv
wcschr
vfwprintf
vfprintf
strstr
qsort
tolower
sprintf
strtoul
strcspn
_isctype
localeconv
fopen
abort
fwrite
memmove
strncpy
putc
vsprintf
atoi
_errno
fflush
_iob
__p__commode
wcslen
malloc
fgets

advapi32

RegOpenKeyExA
CreateCodeAuthzLevel
SetServiceBits
IsWellKnownSid
ElfDeregisterEventSource
EqualPrefixSid
RegNotifyChangeKeyValue
LsaAddAccountRights
SystemFunction011
LsaQueryTrustedDomainInfo
SystemFunction006
RegGetKeySecurity
LsaEnumerateTrustedDomains
AddAccessAllowedObjectAce
CreatePrivateObjectSecurityEx
OpenThreadToken
RegQueryValueExA
RegCloseKey
ElfCloseEventLog

odbc32

ord28
ord25
ord18
ord77
CursorLibLockDesc
ord12
ord64
ord78
ord68
ord75
ord5
PostComponentError
ord24
ord69
ValidateErrorQueue

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8a163404a52e15cf4e2b5d9604935bc4

Headers

File Characteristics

Imports

kernel32

shell32

msvcrt

advapi32

odbc32

Sections

.text Size: 71KB - Virtual size: 71KB

.data Size: 33KB - Virtual size: 32KB

.rata Size: 40KB - Virtual size: 39KB

.bss Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 31KB - Virtual size: 30KB

.text
Size: 71KB - Virtual size: 71KB

.data
Size: 33KB - Virtual size: 32KB

.rata
Size: 40KB - Virtual size: 39KB

.bss
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 31KB - Virtual size: 30KB