Static task: static1
Behavioral task: behavioral1
Sample: Trojan-Ransom.Win32.Blocker.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: Trojan-Ransom.Win32.Blocker.exe
Resource: win10v2004-20220812-en
General
Target
Trojan-Ransom.Win32.Blocker.djzy-d922c53c1f7e13488c1fee2c2e4a6f5b1f946df15ae8ee079e5b8b500e2eb52d
Size
213KB
MD5
2e2a2862c9f091d02154c1925e34d764
SHA1
ff7cd582d8ebc61a523c5197f1c164c55886b8df
SHA256
d922c53c1f7e13488c1fee2c2e4a6f5b1f946df15ae8ee079e5b8b500e2eb52d
SHA512
0d31d4210aaeadd7a97e728972182b51142cb93bb3be90c97e477e540b8157f82cae62e1be524f8b4585cb48d618a03f06c69f93f4b2ae8025efda42720cf208
SSDEEP
6144:YIVaMj0lvXNsMOagpfp01H1wUwD2odoJdX5OR3:YIVbwrOv1nU5dJdC
Malware Config
Signatures
Files
Trojan-Ransom.Win32.Blocker.djzy-d922c53c1f7e13488c1fee2c2e4a6f5b1f946df15ae8ee079e5b8b500e2eb52d.exe windows x86
b23b9ee44242d4a5a37c8fa2e5432a4f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
schannel
InitializeSecurityContextW
QueryContextAttributesW
MakeSignature
QuerySecurityPackageInfoA
QueryContextAttributesA
QuerySecurityPackageInfoW
kernel32
HeapAlloc
GetLocaleInfoA
QueryDosDeviceA
IsValidLocale
LoadLibraryW
SystemTimeToFileTime
LockResource
lstrcpyA
CloseHandle
GetSystemTimeAsFileTime
CreateFileA
GetCurrentProcess
GetTickCount
GetLocalTime
GetCurrentProcessId
GetProcessHeap
lstrcmpA
GetOEMCP
MultiByteToWideChar
FindResourceA
GetVolumeInformationA
WideCharToMultiByte
SetUnhandledExceptionFilter
HeapFree
SetLastError
QueryPerformanceCounter
lstrlenA
advapi32
RegQueryValueExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
scecli
SceAppendSecurityProfileInfo
SceAnalyzeSystem
SceCloseProfile
SceAddToNameStatusList
SceAddToObjectList
SceBrowseDatabaseTable
Sections
.text Size: 145KB - Virtual size: 144KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 55KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.edata Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 7KB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rcrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ