Ransomware[.]4444 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Ransomware.4444
Size

856KB
MD5

aed07e5e91a732956dba1b37a9a6b48b
SHA1

df1e7a31f48fec1bbc8cadcd3570a6ba7144c7e7
SHA256

2b60896ca98597ebe14819b2ab2038b7f16b53151244b57cea981b1ac9d6a700
SHA512

6451fc2bf8d0c4491ad904a9cc06370a16bb10c97868216ab0b76655584ad2eff0e7496076fe0794157aa6849b1ce9b67eb315496fb48c78220f549db76711dc
SSDEEP

12288:BIJm4MzH+hB/pzxJi3X3+b6umJBDARbeqTJggmyTmI3QMkgNdVeoWKJURSzk9sw:MLpXk+b6umJBDAJeqtggmy9gfOhpOSs

Score

1^/10

Malware Config

Signatures

Files

Ransomware.4444
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 852KB - Virtual size: 851KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ