Trojan-Ransom[.]Win32[.]Blocker[.]ehrk-ea8aac95160933ae46880376807706daacee9f13728080085d727a771e7d99f5

Sharing

Copy URL

Twitter E-mail

General

Target

Trojan-Ransom.Win32.Blocker.ehrk-ea8aac95160933ae46880376807706daacee9f13728080085d727a771e7d99f5
Size

776KB
MD5

764c9db67ee35531d30351e6090790ea
SHA1

cfce16907d2de28580a4aa84e1331630693c9994
SHA256

ea8aac95160933ae46880376807706daacee9f13728080085d727a771e7d99f5
SHA512

2bc4d60a90a87682adfd4c2127cce9ba08c17f0a8cabb45bda41be8793060ba0d89d2ad4ab391ecdd77354a42cb5f90c43624696cb0c280ef287903b660af09e
SSDEEP

12288:hgpSlh7IYnO8MHuBmP0xdB8S9WwxxNkS:hqYngS4wf

Score

N/A

Malware Config

Signatures

Files

Trojan-Ransom.Win32.Blocker.ehrk-ea8aac95160933ae46880376807706daacee9f13728080085d727a771e7d99f5
.exe windows x86

67d141c8a465ce846b279dea7ef75296

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

OleLoadPictureFile
OleLoadPicturePath
GetErrorInfo
OleLoadPicture
OleCreatePropertyFrame
OleCreateFontIndirect
SetErrorInfo
OleIconToCursor
OleCreatePropertyFrameIndirect
OleCreatePictureIndirect
OleTranslateColor
OleLoadPictureFileEx
OleLoadPictureEx
OleSavePictureFile
CreateErrorInfo

sisbkup

SisRestoredLink
SisFreeAllocatedMemory
SisCreateRestoreStructure
SisCSFilesToBackupForLink
SisFreeRestoreStructure
SisRestoredCommonStoreFile

kernel32

TerminateProcess
GetSystemInfo
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsBadCodePtr
IsBadReadPtr
VirtualQuery
InterlockedExchange
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
HeapSize
CreateFileA
GetNativeSystemInfo
GetProcessHeap
CreateProcessA
PrepareTape
GetLocalTime
FindNextChangeNotification
FindFirstChangeNotificationA
VirtualProtect
CloseHandle
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
RtlUnwind
RaiseException
HeapAlloc
HeapFree
ExitProcess
GetProcAddress
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
HeapReAlloc
IsBadWritePtr

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 300KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67d141c8a465ce846b279dea7ef75296

Headers

File Characteristics

Imports

oleaut32

sisbkup

kernel32

Sections

.text Size: 164KB - Virtual size: 161KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 280KB - Virtual size: 343KB

.rsrc Size: 300KB - Virtual size: 296KB

.text
Size: 164KB - Virtual size: 161KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 280KB - Virtual size: 343KB

.rsrc
Size: 300KB - Virtual size: 296KB