Overview

overview

9

Static

static

7

NOBLIS RANSOMWARE.exe

windows7-x64

7

NOBLIS RANSOMWARE.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NOBLIS RANSOMWARE.bin.zip

  • Size

    7.0MB

  • MD5

    2990b9b8bb30054d5d0f8e787831a641

  • SHA1

    8a3352878d43e77d36921d7c8ca43b164cf5a8f2

  • SHA256

    4cd12497eab4212904d1be1146412cb49f41b4921f1930aa25a34f1bcdf886be

  • SHA512

    36918c406803bcb92da78ce6d563c89557ffe46bb046ba69f5841adc2ff07caf7b8fdfc1119397f8c899235e6bda17ca9c90e91efd208ac6d42588b36baaafa9

  • SSDEEP

    196608:g10IacnsGa1NowBz3l9KCTLzHw4wKCzipUZMYe:u0IxS1JzlDw4KiUpe

Score
7/10
upxpyinstaller

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Detects Pyinstaller 1 IoCs
    pyinstaller
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • NOBLIS RANSOMWARE.bin.zip
    .zip

    Password: infected

  • NOBLIS RANSOMWARE.bin
    .exe windows:4 windows x86


    Headers

    Sections

  • Main.pyc