a205ef0ffe66b669ecf1c9e081792ddc2974a63f6d605b4a39fcc9b0d6012258 | Triage

Submit
Reports

Overview

overview

9

Static

static

a205ef0ffe...58.exe

windows7-x64

a205ef0ffe...58.exe

windows10-2004-x64

9

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a205ef0ffe66b669ecf1c9e081792ddc2974a63f6d605b4a39fcc9b0d6012258.exe

Resource

win7-20220812-en

evasion persistence ransomware

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

a205ef0ffe66b669ecf1c9e081792ddc2974a63f6d605b4a39fcc9b0d6012258.exe

Resource

win10v2004-20221111-en

evasion persistence ransomware

windows10-2004-x64

12 signatures

150 seconds

General

Target

a205ef0ffe66b669ecf1c9e081792ddc2974a63f6d605b4a39fcc9b0d6012258
Size

355KB
MD5

de6e3970ad991d0214e6dfa06439e31f
SHA1

b8792436f1541e76f4468769561b9a7bad03bd35
SHA256

a205ef0ffe66b669ecf1c9e081792ddc2974a63f6d605b4a39fcc9b0d6012258
SHA512

b3a2ec4d97a3b756fc6a6c949b100606bb9350a3fef3bd89896b88025989001185f721faa0f497144aa8132302486ae0166b2218f2ce1bf9a09ad89177853979
SSDEEP

6144:SEyr5y6XSQkxREpgdc9CfJ1pfQAEAzULiqvrAQbtWz4U0kDtFsp1fNv2RSRp0vU:Or5y6XzkxuHCfhPEAY93bmZ0kDtq3Nv3

Score

N/A

Malware Config

Signatures

Files

a205ef0ffe66b669ecf1c9e081792ddc2974a63f6d605b4a39fcc9b0d6012258
.exe windows x86

12364f81c7c5397a1dfcc7dd877ba5a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetPropA
EndDialog
EnumDesktopsW
SetWindowTextA
ValidateRect
OemKeyScan
DialogBoxParamA
GetActiveWindow
SetWindowPos
GetMenuCheckMarkDimensions

ole32

CoFreeLibrary
OleLockRunning
CreateAntiMoniker

kernel32

GetCurrentThreadId
CopyFileW
CreateProcessW
HeapFree
HeapDestroy
GetAtomNameA
SetFileAttributesA
GetStartupInfoA
LocalAlloc
AddAtomA
LocalFree
GetProcAddress
GetModuleHandleW
HeapCreate
FindAtomW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId

Sections

.text
Size: 334KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy