Behavioral task
behavioral1
Sample
2024-01-24_c073fa0b46a4652774233da008a15664_stop.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-24_c073fa0b46a4652774233da008a15664_stop.exe
Resource
win10v2004-20231215-en
General
-
Target
2024-01-24_c073fa0b46a4652774233da008a15664_stop
-
Size
1.2MB
-
MD5
c073fa0b46a4652774233da008a15664
-
SHA1
baa524d6c90d56d9966b6cdc74a489376a368624
-
SHA256
7eb244f21e6eb7bb2bc538a9f57984116360e039e23cffb6b60db9b3de91159c
-
SHA512
585198410f82530d8112660b8357e4416f514334771be293743834eb09b29ed35d05876ef6d916abcb1948c842db7b5c062f17da7f6384f3bb11653218eefc42
-
SSDEEP
24576:ZBUIKn/vwOXGUXAjCymYZiVtElVIBT2roqnTSSxWeT/dRPOO8hWoHUq7:F0dwAYZt6C31WeTlRPOhhjUq7
Malware Config
Signatures
-
Detected Djvu ransomware 1 IoCs
resource yara_rule sample family_djvu -
Djvu family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-01-24_c073fa0b46a4652774233da008a15664_stop
Files
-
2024-01-24_c073fa0b46a4652774233da008a15664_stop.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 809KB - Virtual size: 809KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 247KB - Virtual size: 246KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ