Trojan-Ransom[.]Win32[.]Cidox[.]gen-64a54420d93d10101e165fbbf0d965534f1fb273d048a7fd3b2314d9416e9756

General

Target

Trojan-Ransom.Win32.Cidox.gen-64a54420d93d10101e165fbbf0d965534f1fb273d048a7fd3b2314d9416e9756
Size

48KB
MD5

b6a4790c98e1218eb2655ca50a62890b
SHA1

574935d6e51d56dff54a4e15c3597d44199650cf
SHA256

64a54420d93d10101e165fbbf0d965534f1fb273d048a7fd3b2314d9416e9756
SHA512

9a85d5d312a3297c26bac389bcd87c98a01cbd19d7eee6769b3406e26e6ac90625854eb47681406f7bc64a0e2a95cb919779b023da00790bda108e07d53b8a03
SSDEEP

768:NzEoZSXlcVuwXyFaeke3cjuslTpZaNNEbHpeoNiVyMczXo9R0QDKUq:dE9XEunFa7e3sJlOvETpeoNF7boEO

Score

N/A

Malware Config

Signatures

Files

Trojan-Ransom.Win32.Cidox.gen-64a54420d93d10101e165fbbf0d965534f1fb273d048a7fd3b2314d9416e9756
.dll windows x86

6cd9a0e4afd6b0e54f21ad2712e03417

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
LoadLibraryA
GetProcAddress
VirtualFree
VirtualAlloc
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
CreateEventA
SetErrorMode
GetCommandLineA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
RtlUnwind

user32

GetForegroundWindow
GetSystemMetrics
wsprintfA

Exports

Exports

OtlAdvise
OtlFreeMarshalStream
OtlMarshalPtrInProc
OtlModuleGetClassObject
OtlModuleInit
OtlModuleRegisterClassObjects
OtlUnadvise
OtlUnmarshalPtr
chk

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cd9a0e4afd6b0e54f21ad2712e03417

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 1KB