Static task
static1
Behavioral task
behavioral1
Sample
Trojan-Ransom.Win32.Blocker.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Trojan-Ransom.Win32.Blocker.exe
Resource
win10v2004-20220812-en
General
Target
Trojan-Ransom.Win32.Blocker.fkst-aadaba87557699125c53ea4f36b426934028f67ef9f9c07d05e0ca8d3a7f3517
Size
449KB
MD5
e6f5111aeafa2cd1077d6b5bac5f608e
SHA1
82f440e01de4bdcd51db97ef43d78ae0f3d6be4c
SHA256
aadaba87557699125c53ea4f36b426934028f67ef9f9c07d05e0ca8d3a7f3517
SHA512
5e9f32e99ed55d77fdb60118628a998df000110cf889bd0637b900d6eb61be636cc1bbccfc46194e966e888427c93c4c43b55a74b6f857a93d8d9e8198f90413
SSDEEP
12288:zN3tardhfJBYUPOLTEYbk+OWUZ1+kwJxpw4uKHnWV211g:zN383JBYUGvk+OW88bpwwx11g
Files
Trojan-Ransom.Win32.Blocker.fkst-aadaba87557699125c53ea4f36b426934028f67ef9f9c07d05e0ca8d3a7f3517.exe windows x86
ebcf6ff2972391e40d4b13b1ae0a80c2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStringTypeW
SetStdHandle
CreateFileW
FlushFileBuffers
LocalFree
EnumDateFormatsA
SetLastError
GetLastError
GlobalUnlock
GetTimeZoneInformation
ReadFile
HeapCreate
GlobalAlloc
GetProcessHeap
GlobalLock
LCMapStringW
VirtualQuery
FreeLibrary
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTickCount
QueryPerformanceCounter
LoadLibraryW
ExitProcess
GetFileType
InterlockedDecrement
HeapAlloc
WriteConsoleW
WriteFile
GetStdHandle
GetModuleHandleW
GetProcAddress
CreateFileA
GetEnvironmentVariableW
GetCommandLineW
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
CloseHandle
SetEvent
OpenEventA
OutputDebugStringA
OutputDebugStringW
RaiseException
GetCurrentProcessId
GetModuleFileNameW
VirtualAlloc
UnmapViewOfFile
GetSystemInfo
MapViewOfFile
CreateFileMappingA
GetCurrentThread
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EncodePointer
DecodePointer
RtlUnwind
HeapValidate
IsBadReadPtr
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsAlloc
TlsGetValue
TlsSetValue
GetCurrentThreadId
TlsFree
user32
GetWindowRect
GetParent
MessageBoxA
EnableScrollBar
WindowFromDC
BeginPaint
ReleaseDC
SendMessageA
SetRect
GetDC
gdi32
SetDIBColorTable
GetRgnBox
CreateBitmap
DeleteObject
DeleteDC
FrameRgn
CreateDIBSection
SelectObject
CreateCompatibleDC
DPtoLP
SetMapMode
SaveDC
AddFontResourceExW
GetDIBColorTable
CreateRectRgn
TextOutA
CreateSolidBrush
GetRandomRgn
GetStockObject
SetViewportExtEx
comdlg32
CommDlgExtendedError
GetOpenFileNameW
advapi32
LookupAccountSidA
RevertToSelf
SetThreadToken
ConvertStringSidToSidW
OpenThreadToken
shell32
CommandLineToArgvW
ole32
CoCreateInstance
CoSetProxyBlanket
CoUninitialize
CLSIDFromString
CoInitializeSecurity
CoInitialize
ReleaseStgMedium
CoInitializeEx
CreateStreamOnHGlobal
oleaut32
SysAllocString
SysStringLen
VariantClear
LoadRegTypeLi
SysFreeString
SysAllocStringLen
VariantInit
LoadTypeLi
SafeArrayCreateVector
version
GetFileVersionInfoW
activeds
ord9
gdiplus
GdipGetImageEncodersSize
GdiplusShutdown
GdipGetImageEncoders
GdiplusStartup
dnsapi
DnsQuery_W
DnsFree
Sections
.text Size: 221KB - Virtual size: 221KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 112KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 112KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ