General

  • Target

    E.zip

  • Size

    120KB

  • MD5

    da082f1997a0d410c24ecdbcf630925a

  • SHA1

    79cfb13a0ac9bd2bc71f13ff286118e54bbce9c6

  • SHA256

    bd88dd537ee2c8c04bb030d429b9379ea617e958daa82043b1a839be72875885

  • SHA512

    9498461a805dcbb5745e982813d1161519a8659015723d5254d33eec9645f09cfa2d9eba9e958624536285c0fe39e4fdc9bc90bfb091ecb5c6e6f607b0872449

  • SSDEEP

    3072:4U9UOPt/An9vDSEjy5ot0GrE+i8BXjRwO5NwMGJnxswykGi:19U8tEFtjyCM+FVqfu4

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • E.zip
    .zip

    Password: dsscsdc

  • Bitcoin_Wallet.bat
  • Bitcoin_Wallet.lnk
    .lnk
  • YouAreAnIdiot.exe
    .exe windows:4 windows x86 arch:x86

    Password: dsscsdc

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bb.bat
  • bb.lnk
    .lnk
  • devilransom.exe
    .exe windows:4 windows x86 arch:x86



  • usb.bat
  • usb.lnk
    .lnk