Static task
static1
Behavioral task
behavioral1
Sample
2023-05-15_62d4144da592d4a7b270a6838ec378e9_bad-rabbit_eternalpetya_notpetya_petrwrap_petya.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
2023-05-15_62d4144da592d4a7b270a6838ec378e9_bad-rabbit_eternalpetya_notpetya_petrwrap_petya.exe
Resource
win10v2004-20230220-en
General
-
Target
2023-05-15_62d4144da592d4a7b270a6838ec378e9_bad-rabbit_eternalpetya_notpetya_petrwrap_petya
-
Size
395KB
-
MD5
62d4144da592d4a7b270a6838ec378e9
-
SHA1
cc356763e8a6fcc15cae03cc83d2fda35a73fc7b
-
SHA256
b4881bba0bff34354c17653fa0a6ea69a2c9c1509a4c3d284d3626ecd7770635
-
SHA512
689c354667d805bca8384e7a6522ddc272fa7930b30084b0ab62ba4ad2004f27a0efdeb564a0b2d9877bea9da89ed7ae272ca7be306be77dab918445f55982b2
-
SSDEEP
12288:stU/X4NTS/x9jNG+w+9OqFoK323qdQYKU3P2:HXATS/x9jNg+95vdQaP2
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2023-05-15_62d4144da592d4a7b270a6838ec378e9_bad-rabbit_eternalpetya_notpetya_petrwrap_petya
Files
-
2023-05-15_62d4144da592d4a7b270a6838ec378e9_bad-rabbit_eternalpetya_notpetya_petrwrap_petya.exe windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 357KB - Virtual size: 356KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ