889b86e002ea494bd38986ed73b1c5d36a6d7c3e880bc3d1cf926898ee29f4b2 | Triage

Submit
Reports

Overview

overview

9

Static

static

889b86e002...b2.exe

windows7-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

889b86e002ea494bd38986ed73b1c5d36a6d7c3e880bc3d1cf926898ee29f4b2.exe

Resource

win7-20221111-en

evasion ransomware

windows7-x64

9 signatures

300 seconds

General

Target

889b86e002ea494bd38986ed73b1c5d36a6d7c3e880bc3d1cf926898ee29f4b2
Size

349KB
MD5

0d11e3db3bfdf788d51666e3374cba05
SHA1

a20e2ca578289c6b32d74698f356242e7564dca1
SHA256

889b86e002ea494bd38986ed73b1c5d36a6d7c3e880bc3d1cf926898ee29f4b2
SHA512

0456e6dc2a9f913a466ced315ee1b014cf736e8b5b68b475c9b048cf30175514d2daf64011f6a82e302f5625b61510e28eba312f7d125fb5c443f9dc4514fd16
SSDEEP

6144:BSPogsSpWZGupaz0wQob8GDnD8IEdeVKI:BSHpW5jDMH

Score

N/A

Malware Config

Signatures

Files

889b86e002ea494bd38986ed73b1c5d36a6d7c3e880bc3d1cf926898ee29f4b2
.exe windows x86

5c8d78fc805e212950255d1c39b8608a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsWindow
GetSystemMenu
RegisterClassExA
WindowFromPoint
BeginPaint
EndPaint
SetWindowTextA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA

gdi32

CreateFontIndirectA
GetTextColor
DeleteObject
FrameRgn

ole32

ProgIDFromCLSID

kernel32

GetEnvironmentVariableA
InterlockedDecrement
SetFileAttributesA
GetStartupInfoA
GetFileType
lstrcmpiA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTickCount
GetLastError
HeapFree
GetEnvironmentStrings
GetCPInfo
DeleteCriticalSection
HeapAlloc
HeapCreate
HeapDestroy

Sections

.text
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy