Static task
static1
Behavioral task
behavioral1
Sample
Trojan-Ransom.Win32.Blocker.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
Trojan-Ransom.Win32.Blocker.exe
Resource
win10v2004-20220812-en
General
-
Target
Trojan-Ransom.Win32.Blocker.ctka-b69cc51572e13d11a306dca48040cf957b04e32a1767832496080d4062bd0906
-
Size
524KB
-
MD5
bed6f1962556ca4361aa874d7deb6ab9
-
SHA1
9c2244b6b8b43d35bb96f5cf4e674ae403cf82c4
-
SHA256
b69cc51572e13d11a306dca48040cf957b04e32a1767832496080d4062bd0906
-
SHA512
33e2835ba94ffd794d1866133c694b057a1e9447a18be87bcf0cc772361419bc310e79f1161738cc95c4dae5026a844e592f8cce350afce6ce23635300b059eb
-
SSDEEP
12288:sxCRtLI4qI51881I2ujPaabC1gMdpS0OzBc+/hObSEAkXCR:+I5nujPpbCgMdpnOzBclSEAkw
Malware Config
Signatures
Files
-
Trojan-Ransom.Win32.Blocker.ctka-b69cc51572e13d11a306dca48040cf957b04e32a1767832496080d4062bd0906.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 512KB - Virtual size: 511KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 828B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ