djvu | 45201530x0000000000400000[.]dmp | Triage

Sharing

General

Target

45201530x0000000000400000.dmp
Size

1.2MB
MD5

ddb1ec135c4010bba26c01cc82c4b324
SHA1

ac2d30c83a1ec1175ae4284b3aeb1e2d85828038
SHA256

e84864ab91f326d0b8fc4817d9140b37809d150ced647ec6a7cc6264a0c14cb0
SHA512

1dc346140a7aff71b8f629df2a78e20703a8820e903f0880206971a2959c831ef5773b7fc19e1002a8a3f40fcea60db2a4bc05da16f77f8f47a557251499c7b4
SSDEEP

24576:ZBUIKn/vwOXGUXAjCymYZiVtElVIBT2roqnTSSxWeT/dRPOO8CW1HUq7:F0dwAYZt6C31WeTVRPOhC+Uq7

Score

10^/10

djvu

Malware Config

Signatures

Detected Djvu ransomware 1 IoCs

resource	yara_rule
sample	family_djvu

Djvu family
djvu

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45201530x0000000000400000.dmp

Files

45201530x0000000000400000.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 809KB - Virtual size: 809KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ