General

Malware Config

Signatures

Files

• 88f17afe4c79bd252df59787a44bd6fb.bin

  .zip

  Password: infected

• MalwareCollection-0.0.1/LICENSE
• MalwareCollection-0.0.1/README.md
• MalwareCollection-0.0.1/Ransomware/Ransomware.7ev3n.zip

  .zip

  Password: infected

• Ransomware.7ev3n.exe

  .exe windows:6 windows x86 arch:x86

  Password: infected

  008aca28b7c001acc5e0ab32fabaad84

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  PDB Paths

  J:\Win32Project9\Release\Win32Project9.pdb

  Imports

  kernel32

  GetCurrentProcess

  ExitThread

  SetEndOfFile

  CreateFileW

  HeapSize

  WriteConsoleW

  ReadConsoleW

  SetStdHandle

  FindFirstFileExW

  FindClose

  GetProcAddress

  GetCommandLineW

  GetCommandLineA

  GetProcessHeap

  SetEnvironmentVariableW

  SetEnvironmentVariableA

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetOEMCP

  IsValidCodePage

  SetFilePointerEx

  ReadFile

  GetConsoleMode

  GetConsoleCP

  FlushFileBuffers

  WinExec

  CreateProcessA

  GetStartupInfoA

  GetModuleFileNameW

  CopyFileA

  GetFileAttributesA

  GetModuleFileNameA

  FindNextFileW

  GetLocalTime

  FindFirstFileW

  CreateThread

  GetModuleHandleW

  Sleep

  GetLogicalDrives

  VerifyVersionInfoW

  EnumSystemLocalesW

  GetUserDefaultLCID

  IsValidLocale

  GetFileAttributesExW

  GetExitCodeProcess

  WaitForSingleObject

  GetFileType

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  TerminateProcess

  IsProcessorFeaturePresent

  CloseHandle

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  SetEvent

  ResetEvent

  WaitForSingleObjectEx

  CreateEventW

  IsDebuggerPresent

  GetStartupInfoW

  QueryPerformanceCounter

  GetCurrentProcessId

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  InitializeSListHead

  WideCharToMultiByte

  MultiByteToWideChar

  GetStringTypeW

  EncodePointer

  DecodePointer

  SetLastError

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  CompareStringW

  LCMapStringW

  GetLocaleInfoW

  GetCPInfo

  GetLastError

  FreeLibrary

  LoadLibraryExW

  RaiseException

  RtlUnwind

  MoveFileExW

  ExitProcess

  GetModuleHandleExW

  GetStdHandle

  WriteFile

  GetACP

  HeapAlloc

  HeapReAlloc

  HeapFree

  VerSetConditionMask

  user32

  ShowWindow

  SendMessageW

  FindWindowW

  DrawTextA

  CallNextHookEx

  GetAsyncKeyState

  DefWindowProcW

  PostQuitMessage

  DestroyWindow

  KillTimer

  InvalidateRect

  SetTimer

  EndPaint

  SetWindowsHookExW

  DrawTextW

  BeginPaint

  GetSystemMetrics

  ShowCursor

  DispatchMessageW

  TranslateMessage

  GetMessageW

  SetForegroundWindow

  SetWindowLongW

  SetWindowPos

  CreateWindowExW

  RegisterClassExW

  LoadCursorW

  gdi32

  MoveToEx

  CreatePen

  DeleteObject

  SetTextColor

  SetBkMode

  SelectObject

  CreateFontIndirectW

  CreateSolidBrush

  LineTo

  advapi32

  SystemFunction036

  GetUserNameA

  RegCloseKey

  RegQueryValueExW

  RegOpenKeyExW

  GetUserNameW

  shell32

  ord680

  wininet

  InternetOpenW

  InternetOpenUrlW

  InternetReadFile

  InternetCloseHandle

  netapi32

  NetUserGetInfo

  Sections

  .text

  Size: 174KB - Virtual size: 174KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 122KB - Virtual size: 121KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 5KB - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .tls

  Size: 512B - Virtual size: 9B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1024B - Virtual size: 840B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 11KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• MalwareCollection-0.0.1/Ransomware/Ransomware.BadRabbit.zip

  .zip

  Password: infected

• Ransomware.BadRabbit.exe

  .exe windows:5 windows x86 arch:x86

  Password: infected

  e3bda9df66f1f9b2b9b7b068518f2af1

  
  

  Code Sign

  7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b

  Certificate

  Issuer

  CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

  Not Before

  21-12-2012 00:00

  Not After

  30-12-2020 23:59

  Subject

  CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50

  Certificate

  Issuer

  CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

  Not Before

  18-10-2012 00:00

  Not After

  29-12-2020 23:59

  Subject

  CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  0e:bf:ea:68:d6:77:b3:e2:6c:ab:41:c3:3f:3e:69:de

  Certificate

  Issuer

  CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

  Not Before

  16-12-2016 00:00

  Not After

  17-12-2017 23:59

  Subject

  CN=Symantec Corporation,OU=STAR Security Engines,O=Symantec Corporation,L=Mountain View,ST=California,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7

  Certificate

  Issuer

  CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

  Not Before

  08-02-2010 00:00

  Not After

  07-02-2020 23:59

  Subject

  CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageClientAuth

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  2e:6b:e6:bd:11:a8:67:6e:6c:57:90:9e:9b:0d:5f:57

  Certificate

  Issuer

  CN=Symantec Class 3 SHA256 Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

  Not Before

  15-03-2017 00:00

  Not After

  13-04-2018 23:59

  Subject

  CN=Symantec Corporation,OU=STAR Security Engines,O=Symantec Corporation,L=Mountain View,ST=California,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  7c:1b:35:35:4a:e7:db:74:e7:41:5f:11:69:ca:6b:a8

  Certificate

  Issuer

  CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

  Not Before

  22-07-2014 00:00

  Not After

  21-07-2024 23:59

  Subject

  CN=Symantec Class 3 SHA256 Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12

  Certificate

  Issuer

  CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

  Not Before

  12-01-2016 00:00

  Not After

  11-01-2031 23:59

  Subject

  CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6

  Certificate

  Issuer

  CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

  Not Before

  02-01-2017 00:00

  Not After

  01-04-2028 23:59

  Subject

  CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  c9:13:30:16:a3:e5:cf:bf:b1:aa:8b:50:d1:16:0f:a5:35:73:41:3d:4f:81:f8:71:05:4e:c7:39:6d:5a:8b:17

  Signer

  Actual PE Digest

  c9:13:30:16:a3:e5:cf:bf:b1:aa:8b:50:d1:16:0f:a5:35:73:41:3d:4f:81:f8:71:05:4e:c7:39:6d:5a:8b:17

  Digest Algorithm

  sha256

  PE Digest Matches

  false

  bd:ae:90:d3:3b:42:bf:69:31:7c:f4:d9:c1:9d:fd:c2:69:86:ca:f0

  Signer

  Actual PE Digest

  bd:ae:90:d3:3b:42:bf:69:31:7c:f4:d9:c1:9d:fd:c2:69:86:ca:f0

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  ExitProcess

  GetCommandLineW

  GetFileSize

  CreateProcessW

  HeapAlloc

  HeapFree

  GetModuleHandleW

  GetProcessHeap

  WriteFile

  GetSystemDirectoryW

  ReadFile

  GetModuleFileNameW

  CreateFileW

  lstrcatW

  CloseHandle

  UnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  SetUnhandledExceptionFilter

  user32

  wsprintfW

  shell32

  CommandLineToArgvW

  msvcrt

  wcsstr

  memcpy

  free

  malloc

  Sections

  .text

  Size: 12KB - Virtual size: 11KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 12KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 828B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 28KB - Virtual size: 28KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 1024B - Virtual size: 590B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• MalwareCollection-0.0.1/Ransomware/Ransomware.CoronaVirus.zip

  .zip

  Password: infected

• Ransomware.CoronaVirus.exe

  .exe windows:5 windows x86 arch:x86

  Password: infected

  d761cb0531b62176dc524988b5963190

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetProcAddress

  CloseHandle

  CreateFileW

  HeapReAlloc

  HeapSize

  GlobalAlloc

  ReadConsoleW

  GetConsoleMode

  GetConsoleCP

  GetProcessHeap

  SetStdHandle

  SetEnvironmentVariableA

  GetThreadPriority

  SetFilePointerEx

  LoadLibraryA

  SetEvent

  ResetEvent

  CreateEventA

  GetEnvironmentStrings

  GetConsoleWindow

  SetEndOfFile

  GetPriorityClass

  FreeLibrary

  EnumDateFormatsA

  GetCurrentThread

  GetLastError

  GlobalAddAtomA

  WaitForSingleObject

  SetThreadPriority

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCommandLineW

  GetCommandLineA

  GetCPInfo

  GetOEMCP

  IsValidCodePage

  GetCurrentProcess

  FindNextFileA

  FindFirstFileExA

  FindClose

  DecodePointer

  GetStringTypeW

  LCMapStringW

  CompareStringW

  CreateThread

  WaitForSingleObjectEx

  OutputDebugStringW

  HeapAlloc

  HeapFree

  GetACP

  WideCharToMultiByte

  MultiByteToWideChar

  ExitProcess

  WriteConsoleW

  GetModuleHandleExW

  GetModuleFileNameW

  GetModuleFileNameA

  GetFileType

  GetStdHandle

  LoadLibraryExW

  TlsFree

  TlsSetValue

  TlsGetValue

  TlsAlloc

  InitializeCriticalSectionAndSpinCount

  DeleteCriticalSection

  LeaveCriticalSection

  EnterCriticalSection

  SetLastError

  RtlUnwind

  RaiseException

  EncodePointer

  GlobalFree

  GlobalLock

  GlobalUnlock

  GetModuleHandleW

  GetStartupInfoW

  IsDebuggerPresent

  InitializeSListHead

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  GetCurrentProcessId

  QueryPerformanceCounter

  IsProcessorFeaturePresent

  TerminateProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  BuildCommDCBA

  SetCommTimeouts

  SetCommState

  GetCommTimeouts

  GetCommState

  WriteFile

  ReadFile

  FlushFileBuffers

  CreateFileA

  GetModuleHandleA

  CreateEventW

  SetPriorityClass

  user32

  SetClipboardData

  GetClipboardData

  EmptyClipboard

  IsDlgButtonChecked

  DefWindowProcA

  TranslateMessage

  RegisterWindowMessageW

  ReleaseDC

  EndPaint

  CloseClipboard

  OpenClipboard

  DestroyWindow

  ShowWindow

  SetClassLongA

  WindowFromDC

  GetDesktopWindow

  GetDlgItem

  SendMessageA

  LoadIconA

  CheckMenuItem

  GetCursorPos

  BeginPaint

  GetMessageW

  CreateDialogParamW

  GetDC

  EndDialog

  DialogBoxParamA

  wsprintfA

  OffsetRect

  DispatchMessageW

  TrackMouseEvent

  SetWindowTextA

  MessageBoxA

  RegisterClassA

  UnregisterClassA

  GetClassInfoA

  CreateWindowExA

  SetWindowPos

  IsIconic

  GetWindowRect

  AdjustWindowRectEx

  ShowCursor

  ClientToScreen

  CopyRect

  GetWindowLongA

  SetWindowLongA

  GetMonitorInfoA

  EnumDisplayMonitors

  GetSystemMetrics

  LoadCursorA

  ScreenToClient

  SetRect

  GetMessageA

  DispatchMessageA

  PeekMessageA

  GetMessagePos

  PostQuitMessage

  IsZoomed

  GetKeyState

  GetKeyboardState

  ToAscii

  SetCapture

  ReleaseCapture

  MsgWaitForMultipleObjects

  UpdateWindow

  SetActiveWindow

  GetUpdateRect

  InvalidateRect

  ChildWindowFromPoint

  MonitorFromWindow

  ChangeDisplaySettingsExA

  EnumDisplaySettingsA

  SetCursorPos

  SetCursor

  GetClientRect

  gdi32

  ChoosePixelFormat

  BitBlt

  SelectObject

  CreateDIBSection

  GetTextExtentPoint32A

  CreateCompatibleDC

  GetNearestPaletteIndex

  DeleteDC

  SetViewportOrgEx

  DeleteObject

  CreateDCA

  GetDeviceCaps

  SetPixelFormat

  DescribePixelFormat

  SwapBuffers

  GetPixelFormat

  comdlg32

  GetOpenFileNameA

  FindTextW

  advapi32

  RegQueryValueExA

  OpenSCManagerA

  ControlService

  RegOpenKeyA

  OpenServiceA

  RegCloseKey

  RegOpenKeyExA

  shell32

  ord63

  DragQueryFileA

  ord62

  DragFinish

  ole32

  CreateStreamOnHGlobal

  oleaut32

  CreateTypeLib2

  CreateTypeLi

  odbc32

  ord157

  ord156

  ord155

  opengl32

  wglGetCurrentDC

  glScissor

  glDisableClientState

  glMatrixMode

  glBlendFunc

  glLoadIdentity

  glTexParameteri

  glDeleteTextures

  glPopMatrix

  glViewport

  glEnableClientState

  glPopAttrib

  glPolygonMode

  glBindTexture

  glGenTextures

  glVertexPointer

  glNormalPointer

  glGetFloatv

  glDrawArrays

  glVertex2f

  glTranslatef

  glPushClientAttrib

  glPopClientAttrib

  glBitmap

  glVertex2i

  glRasterPos2i

  glEnd

  glColor4fv

  glColor4f

  glBegin

  glGetString

  glGetError

  glGetBooleanv

  glReadBuffer

  glDrawBuffer

  glFlush

  wglMakeCurrent

  wglGetProcAddress

  wglGetCurrentContext

  wglDeleteContext

  wglCreateContext

  glClearColor

  glTexCoordPointer

  glClear

  glGetIntegerv

  glPushAttrib

  glOrtho

  glPixelStorei

  glPushMatrix

  glDisable

  glDrawElements

  glTexEnvi

  glColorPointer

  glTexImage2D

  glGetTexEnviv

  glEnable

  winmm

  joyGetDevCapsA

  timeBeginPeriod

  timeEndPeriod

  timeGetTime

  joyGetPosEx

  gdiplus

  GdipCreateBitmapFromStream

  GdipSaveImageToStream

  GdipFree

  GdipDisposeImage

  GdipAlloc

  GdipCreateBitmapFromHBITMAP

  GdipCloneImage

  ws2_32

  closesocket

  avifil32

  AVIMakeCompressedStream

  rpcrt4

  UuidCreate

  UuidToStringW

  dbghelp

  EnumerateLoadedModules

  comsvcs

  CoCreateActivity

  imm32

  ImmReleaseContext

  ImmSetCompositionWindow

  ImmGetContext

  Sections

  .text

  Size: 563KB - Virtual size: 563KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 213KB - Virtual size: 212KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 37KB - Virtual size: 444KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .gfids

  Size: 512B - Virtual size: 280B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  _RDATA

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .tls

  Size: 512B - Virtual size: 9B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .text

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 218KB - Virtual size: 218KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

• MalwareCollection-0.0.1/Ransomware/Ransomware.CryptoLocker.zip

  .zip

  Password: infected

• Ransomware.CryptoLocker.exe

  .exe windows:5 windows x86 arch:x86

  Password: infected

  7e8ad4139efc6cbcf31df3bc4b291dd8

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  msvcrt

  _except_handler3

  memcpy

  memmove

  _vsnprintf

  _vsnwprintf

  _purecall

  memset

  kernel32

  LoadLibraryW

  FreeLibrary

  GetProcAddress

  WideCharToMultiByte

  MultiByteToWideChar

  lstrcmpA

  GlobalLock

  GlobalAlloc

  GlobalUnlock

  GlobalFree

  CreateMutexW

  ReleaseMutex

  FindResourceExW

  LoadResource

  SizeofResource

  LockResource

  CreateProcessW

  SetFilePointerEx

  FindNextFileW

  SystemTimeToFileTime

  FileTimeToSystemTime

  FileTimeToLocalFileTime

  GetSystemTime

  GetDateFormatW

  GetTimeFormatW

  GetCurrentThreadId

  HeapReAlloc

  HeapAlloc

  HeapFree

  GetProcessHeap

  GetEnvironmentVariableW

  CopyFileExW

  GetUserDefaultUILanguage

  DeleteCriticalSection

  FindClose

  FindFirstFileW

  DeleteFileW

  GetFileTime

  SetLastError

  GetFileSizeEx

  FlushFileBuffers

  ReadFile

  WriteFile

  SetFileTime

  ResumeThread

  EnterCriticalSection

  LeaveCriticalSection

  InitializeCriticalSection

  QueryPerformanceCounter

  SetFileAttributesW

  CreateFileW

  GetFileAttributesW

  Sleep

  GetTickCount

  MoveFileExW

  ExpandEnvironmentStringsW

  GetVolumeInformationW

  GetDiskFreeSpaceExW

  WaitForMultipleObjects

  ResetEvent

  GetTempPathW

  GetLogicalDrives

  GetDriveTypeW

  LocalFree

  CloseHandle

  CreateEventW

  GetLastError

  GetHandleInformation

  SetThreadPriority

  GetModuleFileNameW

  GetCurrentThread

  GetModuleHandleW

  SetEvent

  GetComputerNameW

  WaitForSingleObject

  SetErrorMode

  GetCommandLineW

  ExitProcess

  CreateThread

  user32

  MessageBoxIndirectW

  InSendMessage

  ClientToScreen

  GetWindowLongW

  GetClassNameW

  GetCaretPos

  TrackPopupMenu

  AppendMenuW

  GetCursorPos

  CreatePopupMenu

  SetMenuDefaultItem

  DestroyMenu

  LoadIconW

  CloseClipboard

  EmptyClipboard

  OpenClipboard

  SetClipboardData

  SystemParametersInfoW

  ScrollWindowEx

  GetSystemMetrics

  UpdateWindow

  SetScrollInfo

  MessageBoxW

  EndPaint

  ScreenToClient

  GetWindowRect

  DrawTextW

  GetParent

  GetClientRect

  IsDialogMessageW

  DestroyWindow

  BeginPaint

  DrawFocusRect

  IntersectRect

  GetDlgItem

  SendMessageW

  GetDlgCtrlID

  SetWindowTextW

  MoveWindow

  GetDC

  ReleaseDC

  CharLowerW

  PostQuitMessage

  MsgWaitForMultipleObjects

  TranslateMessage

  PeekMessageW

  DispatchMessageW

  SetTimer

  PostMessageW

  SetFocus

  RegisterClassExW

  FlashWindowEx

  InvalidateRect

  GetWindowTextW

  MonitorFromWindow

  SetWindowPos

  ShowWindow

  GetForegroundWindow

  AdjustWindowRectEx

  IsWindowVisible

  GetMonitorInfoW

  DefWindowProcW

  DialogBoxParamW

  SetWindowLongW

  EndDialog

  CreateDialogParamW

  MonitorFromPoint

  UnregisterClassW

  SetForegroundWindow

  GetKeyState

  ReplyMessage

  GetScrollInfo

  CreateWindowExW

  advapi32

  CryptAcquireContextW

  RegSetValueExW

  RegEnumKeyExW

  RegFlushKey

  CryptSetKeyParam

  CryptGetKeyParam

  CryptReleaseContext

  CryptImportKey

  CryptEncrypt

  CryptGenKey

  CryptDestroyKey

  CryptDecrypt

  CryptGetHashParam

  CryptCreateHash

  CryptDestroyHash

  CryptHashData

  RegCreateKeyExW

  RegCloseKey

  CryptExportKey

  RegQueryValueExW

  RegQueryInfoKeyW

  RegDeleteKeyW

  RegDeleteValueW

  RegEnumValueW

  RegOpenKeyExW

  shell32

  SHGetFileInfoW

  SHGetFolderPathW

  ShellExecuteExW

  CommandLineToArgvW

  uxtheme

  SetWindowTheme

  gdi32

  GetDeviceCaps

  CreateSolidBrush

  GetObjectW

  CreateCompatibleDC

  SelectObject

  DeleteObject

  SetBkMode

  SetBkColor

  DeleteDC

  SetTextColor

  GetObjectA

  CreateFontIndirectW

  comctl32

  InitCommonControlsEx

  ord413

  ord410

  shlwapi

  StrCmpW

  StrCmpNW

  StrCmpIW

  PathMatchSpecW

  PathRemoveBackslashW

  PathAddBackslashW

  ord12

  PathFindFileNameW

  PathRemoveFileSpecW

  PathUnquoteSpacesW

  StrChrW

  PathQuoteSpacesW

  msimg32

  AlphaBlend

  winhttp

  WinHttpConnect

  WinHttpCloseHandle

  WinHttpQueryHeaders

  WinHttpWriteData

  WinHttpOpenRequest

  WinHttpReadData

  WinHttpAddRequestHeaders

  WinHttpSendRequest

  WinHttpReceiveResponse

  WinHttpOpen

  gdiplus

  GdipAlloc

  GdipDisposeImage

  GdipCreateHBITMAPFromBitmap

  GdipCloneImage

  GdiplusStartup

  GdipDeleteBrush

  GdipCreateBitmapFromStream

  GdipCreateFontFromLogfontA

  GdipSetStringFormatLineAlign

  GdipDeleteFont

  GdipDeleteGraphics

  GdipDrawImageRectI

  GdipSetStringFormatAlign

  GdipCreateSolidFill

  GdipDrawString

  GdipCreateFromHDC

  GdipSetStringFormatHotkeyPrefix

  GdipCreateStringFormat

  GdipDeleteStringFormat

  GdipCreateFontFromDC

  GdipGetImageHeight

  GdipGetImageWidth

  GdiplusShutdown

  GdipFree

  GdipCloneBrush

  ole32

  CoInitializeEx

  CoUninitialize

  CoTaskMemFree

  StringFromGUID2

  crypt32

  CryptImportPublicKeyInfo

  CryptStringToBinaryA

  CryptDecodeObjectEx

  Sections

  .text

  Size: 63KB - Virtual size: 62KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 17KB - Virtual size: 17KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 248KB - Virtual size: 247KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 8KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• MalwareCollection-0.0.1/Ransomware/Ransomware.CryptoWall.zip

  .zip
• MalwareCollection-0.0.1/Ransomware/Ransomware.GoldenEye.zip

  .zip
• MalwareCollection-0.0.1/Ransomware/Ransomware.Jigsaw.zip

  .zip
• MalwareCollection-0.0.1/Ransomware/Ransomware.Locky.zip

  .zip
• MalwareCollection-0.0.1/Ransomware/Ransomware.Mischa.v2.zip

  .zip
• MalwareCollection-0.0.1/Ransomware/Ransomware.Mischa.zip

  .zip
• MalwareCollection-0.0.1/Ransomware/Ransomware.NotPetya.zip

  .zip
• MalwareCollection-0.0.1/Ransomware/Ransomware.Petya.A.zip

  .zip
• MalwareCollection-0.0.1/Ransomware/Ransomware.Satana.zip

  .zip
• MalwareCollection-0.0.1/Ransomware/Ransomware.WannaCrypt0r.v1.zip

  .zip
• MalwareCollection-0.0.1/Ransomware/Ransomware.WannaCrypt0r.v2.zip

  .zip
• MalwareCollection-0.0.1/Trojan/Trojan.000.zip

  .zip
• MalwareCollection-0.0.1/Trojan/Trojan.ANA.zip

  .zip
• MalwareCollection-0.0.1/Trojan/Trojan.BUG32.zip

  .zip
• MalwareCollection-0.0.1/Trojan/Trojan.Bonzify.zip

  .zip
• MalwareCollection-0.0.1/Trojan/Trojan.BossDaMajor.zip

  .zip
• MalwareCollection-0.0.1/Trojan/Trojan.ColorBug.zip

  .zip
• MalwareCollection-0.0.1/Trojan/Trojan.MEMZ-3.0.zip

  .zip
• MalwareCollection-0.0.1/Trojan/Trojan.MEMZ-4.0-Clean.zip

  .zip
• MalwareCollection-0.0.1/Trojan/Trojan.MEMZ-4.0.zip

  .zip
• MalwareCollection-0.0.1/Trojan/Trojan.MrsMajor2.0.zip

  .zip
• MalwareCollection-0.0.1/Trojan/Trojan.MrsMajor3.0.zip

  .zip
• MalwareCollection-0.0.1/Trojan/Trojan.NoEscape.zip

  .zip
• MalwareCollection-0.0.1/Trojan/Trojan.RegFuck.zip

  .zip
• MalwareCollection-0.0.1/Trojan/Trojan.Stuxnet.zip

  .zip
• MalwareCollection-0.0.1/Trojan/Trojan.WaffMEMZ-1.0.zip

  .zip
• MalwareCollection-0.0.1/Trojan/Trojan.YouAreAnIdiot.zip

  .zip
• MalwareCollection-0.0.1/Virus/Virus.AIDS.A.zip

  .zip
• MalwareCollection-0.0.1/Virus/Virus.CIH.zip

  .zip
• MalwareCollection-0.0.1/Virus/Virus.DOS.Brain.A.zip

  .zip
• MalwareCollection-0.0.1/Virus/Virus.DOS.Brain.C.zip

  .zip
• MalwareCollection-0.0.1/Virus/Virus.DOS.Brain.D.zip

  .zip
• MalwareCollection-0.0.1/Virus/Virus.DOS.Brain.E.zip

  .zip
• MalwareCollection-0.0.1/Virus/Virus.DOS.Brain.F.zip

  .zip
• MalwareCollection-0.0.1/Virus/Virus.DOS.Brain.G.zip

  .zip
• MalwareCollection-0.0.1/Virus/Virus.Melissa.zip

  .zip
• MalwareCollection-0.0.1/Virus/Virus.Win32.CIH.zip

  .zip
• MalwareCollection-0.0.1/Worm/Email-Worm/Email-Worm.AnnaKournikova.zip

  .zip
• MalwareCollection-0.0.1/Worm/Email-Worm/Email-Worm.Magistr.zip

  .zip
• MalwareCollection-0.0.1/Worm/Email-Worm/Email-Worm.MyDoom.A.zip

  .zip
• MalwareCollection-0.0.1/Worm/Email-Worm/Email-Worm.MyDoom.L.zip

  .zip
• MalwareCollection-0.0.1/Worm/Email-Worm/Email-Worm.MyDoom.M.zip

  .zip
• MalwareCollection-0.0.1/Worm/Email-Worm/Email-Worm.MyDoom.NF.zip

  .zip
• MalwareCollection-0.0.1/Worm/Email-Worm/Email-Worm.MyDoom.Q.zip

  .zip
• MalwareCollection-0.0.1/Worm/Email-Worm/Email-Worm.Mylife.A.zip

  .zip
• MalwareCollection-0.0.1/Worm/Email-Worm/Email-Worm.Nyxem.E.zip

  .zip
• MalwareCollection-0.0.1/Worm/Net-Worm/Net-Worm.Sasser.zip

  .zip
• MalwareCollection-0.0.1/Worm/Worm.Blaster.A.zip

  .zip
• MalwareCollection-0.0.1/Worm/Worm.Blaster.E.zip

  .zip
• MalwareCollection-0.0.1/Worm/Worm.CodeRed.A.zip

  .zip
• MalwareCollection-0.0.1/Worm/Worm.ILOVEYOU.zip

  .zip
• MalwareCollection-0.0.1/Worm/Worm.Klez.E.zip

  .zip
• MalwareCollection-0.0.1/Worm/Worm.NetSky.B.zip

  .zip
• MalwareCollection-0.0.1/Worm/Worm.Pikachu.zip

  .zip