Trojan-Ransom[.]Win32[.]Fury[.]dh-2996308540b6848fbf2d8b1f1a6865ebf717cd61990aabb9975c28d570f12537[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Trojan-Ransom.Win32.Fury.dh-2996308540b6848fbf2d8b1f1a6865ebf717cd61990aabb9975c28d570f12537.exe
Size

102KB
MD5

5f74d2826c1fb2b60dbf6d3de14a773d
SHA1

759b2298650613e5ba4654669b1c31ba6b1530bc
SHA256

2996308540b6848fbf2d8b1f1a6865ebf717cd61990aabb9975c28d570f12537
SHA512

46967e86a2f427be86b75beab51b0bbf326a40bb174296215f057a3d80eb62060f2036a6a862ec5ef1110058b4d497751d2c31730ae74cf59a9216b08ae6912d
SSDEEP

1536:RwBHJ1RDqgPUEk5eWXjfVCegA58OaIBB+LPZ6FzTwg:GBp1aEk5eWXd2IBB+LZKfwg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Trojan-Ransom.Win32.Fury.dh-2996308540b6848fbf2d8b1f1a6865ebf717cd61990aabb9975c28d570f12537.exe

Files

Trojan-Ransom.Win32.Fury.dh-2996308540b6848fbf2d8b1f1a6865ebf717cd61990aabb9975c28d570f12537.exe
.exe windows x86

862f1e0e32f7ff268b72563f527a5f40

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
WriteConsoleA
WriteFileEx
InitializeCriticalSectionAndSpinCount
GetProfileStringW
CompareStringW
GlobalMemoryStatus
WaitForMultipleObjects
GetUserDefaultLCID
lstrcmpW
CreateFileW
IsValidCodePage
DeleteFileW
GetOverlappedResult
FreeEnvironmentStringsW
ReadFile
GetSystemTimeAsFileTime
GetOEMCP
lstrcpynA
SetEndOfFile
ExitThread
GetVersion
SizeofResource
FindFirstFileW
VirtualAlloc
GetModuleHandleW
WriteConsoleW
HeapDestroy
GetFullPathNameA
InitializeCriticalSection
EnumSystemLocalesA
FindFirstFileA
MultiByteToWideChar
SetHandleCount
TlsSetValue
GetStdHandle
GetTimeFormatW
UnmapViewOfFile
GetStringTypeA
LCMapStringA
GetLocaleInfoA
HeapSize
RtlUnwind
HeapReAlloc
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
GetTickCount
QueryPerformanceCounter
HeapFree
VirtualFree
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsAlloc
DeleteCriticalSection
GetEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
FreeEnvironmentStringsA
WriteFile
ExitProcess
Sleep
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
GetCommandLineA
LocalUnlock
CreateFileMappingW
GetCurrentThreadId
GetProcessHeap
GetProfileIntW
HeapCreate
GlobalReAlloc
GetTimeZoneInformation
TerminateThread
GetDateFormatA
CompareStringA
SetFilePointer
SearchPathA
TlsGetValue
LCMapStringW
SetEnvironmentVariableA
GetCurrentProcessId
DosDateTimeToFileTime
GetFileType
FindResourceW
LockResource
VirtualAllocEx
GetLastError
GetModuleFileNameA
GetACP
GetCurrentProcess
GetModuleHandleA
LoadLibraryA
GetStringTypeW
GetProcAddress

user32

OpenClipboard
GetFocus
DrawFocusRect
SetScrollPos
IsZoomed
LoadCursorW
DispatchMessageA
DrawTextExW
IsClipboardFormatAvailable
SetDlgItemInt
RegisterWindowMessageW
SystemParametersInfoW
LoadMenuW
RegisterClassExW
MapWindowPoints
SetCursorPos
OpenDesktopA
SetWindowPos
GetClipboardData
OffsetRect
GetParent
GetMenuCheckMarkDimensions
SetWindowLongW
GetWindowPlacement
SetMenu
MsgWaitForMultipleObjects
DefWindowProcW
MessageBoxW
LoadStringW
GetSystemMenu
GetSystemMetrics
CharNextA
GetDlgItemTextA
HideCaret
InflateRect
ChildWindowFromPoint
CharUpperW
GetSubMenu
DestroyMenu
IsDialogMessageA
PostMessageW
DialogBoxIndirectParamA
CheckRadioButton
SendDlgItemMessageW
wsprintfW
BeginPaint
DialogBoxParamW
DrawTextW
SetTimer
EndDialog
SetWindowLongA
LoadCursorA
InvalidateRect
DialogBoxParamA
FindWindowA
GetCursorPos
GetWindowTextW

gdi32

TextOutW
GetTextMetricsA
EndPage
SetMapMode
CreateFontIndirectW
GetTextFaceW
GetObjectA
GetTextExtentPointA
StartDocW
StartPage
GetTextExtentPoint32W
GetObjectW
SelectObject

winspool.drv

OpenPrinterW

comdlg32

GetFileTitleW
ChooseFontW
PrintDlgA
CommDlgExtendedError

advapi32

RegSetValueExA
OpenServiceA
OpenSCManagerA
RegOpenKeyExA
RegQueryValueExW
RegDeleteValueA
RegCreateKeyA
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid

shell32

ShellExecuteA
DragAcceptFiles
CommandLineToArgvW
ShellExecuteExA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

862f1e0e32f7ff268b72563f527a5f40

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 50KB - Virtual size: 49KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 50KB - Virtual size: 49KB

.reloc
Size: 4KB - Virtual size: 3KB