Trojan-Ransom[.]Win32[.]Blocker[.]ilxn-5a47ebade0438dab1823a5322f1ed7e4e845cac3e0fda621a48fb8c760103ffc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Trojan-Ransom.Win32.Blocker.ilxn-5a47ebade0438dab1823a5322f1ed7e4e845cac3e0fda621a48fb8c760103ffc
Size

673KB
MD5

411870a2febac70122ee7dc8d0e1006e
SHA1

27db9db1ced5990192b8e570cb716ffb221cf8c9
SHA256

5a47ebade0438dab1823a5322f1ed7e4e845cac3e0fda621a48fb8c760103ffc
SHA512

ecebcaeb83b50ca0ababa23abd20db53de9fcd8848e3ee91889b3a519a11986a4b199b3deb8b77c639a3249023e5c1e3f5771fc655fbabd6a21c2164db3d2070
SSDEEP

6144:UPNDXW8jOD/gSwgQM6/lkw3RRHxNjfOB8xOE5SYdqT:2W77gSw7WwB9dC

Score

N/A

Malware Config

Signatures

Files

Trojan-Ransom.Win32.Blocker.ilxn-5a47ebade0438dab1823a5322f1ed7e4e845cac3e0fda621a48fb8c760103ffc
.exe windows x86

206bfed36d2f5acde99bf22e88f8de8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord516
ord518
ord666
ord593
ord594
ord598
ord520
ord631
ord632
DllFunctionCall
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord535
ord537
ord644
ord648
ord681
ord578
ord100
ord617
ord619
ord581

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 593KB - Virtual size: 596KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE