General

  • Target

    2024-02-13_801134871d944957959f541ce4e7dc13_ransomlock

  • Size

    1.3MB

  • MD5

    801134871d944957959f541ce4e7dc13

  • SHA1

    1e79f53a027b6aa921934ed43672cabcc5e3ed60

  • SHA256

    acef67fef3279db0b0c7bec48baa445674c9d9abd5648a560b66fdc1e0f05a6e

  • SHA512

    69d7833971481fdec756f8a0733f53a40cd73545d77671e5236760b2518062ddd84b5a6cc67d47482dda069a396dd08aaf583116f2aa1d0ae275ab4d91d0973e

  • SSDEEP

    24576:Aw8gCCgWDAe1wLiBnGHpq0Iylpn0oCcTQ0EbO:x8g3nuEUr0rcT8O

Score
10/10

Malware Config

Signatures

  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-02-13_801134871d944957959f541ce4e7dc13_ransomlock
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections