djvu | 38481510x0000000000400000[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38481510x0000000000400000.dmp
Size

1.2MB
MD5

b5eb0c810625b38d8ed037b1af543a0c
SHA1

ab31699fd3ca400e9ceece15c5ad4d81569466e0
SHA256

1ae146ca5d407e92e8da96c1a7eedd34d2e28d95379c9ef0ad99553fe379fcc7
SHA512

34d1a4ccbc9ea672e6e237d7ef14ba5e517612d559a3c6706c06076e0823dea73e4114b87b59373e51c3407a1d25ff84f969867ead9445f443e2fb700d112975
SSDEEP

24576:ZBUIKn/vwOXGUXAjCymYZiVtElVIBT2roqnTSSxWeT/dRPOO8aWQHUq7:F0dwAYZt6C31WeTVRPOha7Uq7

Score

10^/10

djvu

Malware Config

Signatures

Detected Djvu ransomware 1 IoCs

resource	yara_rule
sample	family_djvu

Djvu family
djvu

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38481510x0000000000400000.dmp

Files

38481510x0000000000400000.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 809KB - Virtual size: 809KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ