General

  • Target

    ransom_builder.exe

  • Size

    4.3MB

  • MD5

    43a2c7ba0ecd3a1b8ff0b82a0e82296d

  • SHA1

    9b106aa440085d1cf76889a186a4c0ece9f86b06

  • SHA256

    bb623a98f1d61f13d2de4dee55b14f97956e8306aa66d945aab0b00538b95900

  • SHA512

    2d1d9c37fcfc1f38e71a6f7be68431ec5e7220dd8eb8df6fa612be62bed071fdf1f505c9702d69719e74c99ae02af4a48909f63862addca7c4e911c1792b8f59

  • SSDEEP

    98304:w8sjkaDkbFqE0DtuJFsEG/SxFEQGr7wgiMgaUP/XEXw5d1OFQ:yj3aqE0tubjTPgiFaUHEXgaF

Score
5/10

Malware Config

Signatures

  • AutoIT Executable 1 IoCs

    AutoIT scripts compiled to PE executables.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ransom_builder.exe
    .exe windows:5 windows x86 arch:x86

    eb97e4fc5518ac300a92a11673825e0b


    Headers

    Imports

    Sections