Trojan-Ransom[.]Win32[.]Blocker[.]laor-dbd5383cfde88f6fd93329356b61de57e21605410bfdac0b1c10b1bd2a3a0ba4

Sharing

Copy URL Twitter E-mail

General

Target

Trojan-Ransom.Win32.Blocker.laor-dbd5383cfde88f6fd93329356b61de57e21605410bfdac0b1c10b1bd2a3a0ba4
Size

116KB
MD5

4d8a8fdc8156f32055148b144dc76e9e
SHA1

e58aced26ab8be494a6d46cdc7a6af096fde00ea
SHA256

dbd5383cfde88f6fd93329356b61de57e21605410bfdac0b1c10b1bd2a3a0ba4
SHA512

c6bf51413712bdfe81d0850a251672a04cc03dd670b23bd4055d9a724449724e6aacf95f9a1b56c676a68e3fca7d0672fb26e999f97136aa7433c74e8b594159
SSDEEP

3072:+qhhOME3zkNRxqtOIik4eK0wFOy8NDiYPq8mzs:+qfOpkNRx1IikLKjFO1ml8

Score

N/A

Malware Config

Signatures

Files

Trojan-Ransom.Win32.Blocker.laor-dbd5383cfde88f6fd93329356b61de57e21605410bfdac0b1c10b1bd2a3a0ba4
.exe windows x86

e0bbfb4c971498f96aee8e52a197bbc0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlIsOpaqueW
ord29
StrSpnW
PathIsPrefixW

kernel32

CreateJobObjectW
GetCurrentThread
GetProcessHeap
GetConsoleAliasesLengthA
ExpandEnvironmentStringsA
GetCompressedFileSizeW
InitializeCriticalSection
GetSystemDirectoryW
SizeofResource
EnumSystemCodePagesA
LoadLibraryExW
ReleaseSemaphore
GetTempPathW
IsDBCSLeadByteEx
GetThreadLocale
GetProcessVersion
GetDiskFreeSpaceW
GetFileInformationByHandle
GlobalAddAtomW
FindResourceExW
LocalUnlock
GetSystemDefaultUILanguage
GetDriveTypeW
UnmapViewOfFile
MapViewOfFile
SetFilePointer
lstrcmpA
FindResourceA
CreateFileA
GetACP

user32

GetKeyState
DrawTextW
SendDlgItemMessageA
GetMessageW
GetSystemMenu
VkKeyScanW
SetMenuItemBitmaps
CreateMenu
GetAsyncKeyState
SetWindowLongA
DrawStateW
GetDlgItem
AdjustWindowRectEx
UnhookWindowsHookEx
ReleaseCapture
SetCaretPos
GetDlgCtrlID
SetWindowTextW
GetMessageTime
OemToCharBuffA
GetMessagePos

gdi32

GetFontData
CreatePatternBrush
GetNearestColor
SetPaletteEntries
GetSystemPaletteUse
GetCharWidth32W
SaveDC
SetRectRgn
CreateDIBSection
GetBkMode
ExtFloodFill
LPtoDP
CloseMetaFile

Exports

Exports

?ErrorCommon@@YGEPAG@Z

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 71KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 772B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e0bbfb4c971498f96aee8e52a197bbc0

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 18KB - Virtual size: 18KB

.itext Size: 512B - Virtual size: 288B

.data Size: 71KB - Virtual size: 113KB

.rsrc Size: 1024B - Virtual size: 772B

.reloc Size: 2KB - Virtual size: 2KB

.idata Size: 2KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 18KB - Virtual size: 18KB

.itext
Size: 512B - Virtual size: 288B

.data
Size: 71KB - Virtual size: 113KB

.rsrc
Size: 1024B - Virtual size: 772B

.reloc
Size: 2KB - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 1KB