Static task
static1
General
-
Target
Annabelle Ransomware (1).zip
-
Size
15.6MB
-
MD5
12b368c03d5126e918127b27c7d16086
-
SHA1
93ccceec02435a7ac6a6a2d242278b80e2c67f7f
-
SHA256
6854b5f66a016c933c2978086d85cd4f207e5c35ee554422a3cdd9a88a5ffecd
-
SHA512
68ea8889c93196ff4f82ca8dbd1d7e79b4bffc42b878b969da4e80e9eec874706016c361299a5f9f717edc70854ee269ee17b39edbbc042af86889900c164aa5
-
SSDEEP
393216:SKkKEMzOrDjYhsZ7mIYi2DEWsUXSGmzZcE2j34ebsgTgH:SKm+hsZ7DYfzMRzZH27sgTk
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/716335ba5cd1e7186c40295b199190e2b6655e48f1c1cbe12139ba67faa5e1ac.exe
Files
-
Annabelle Ransomware (1).zip.zip
-
716335ba5cd1e7186c40295b199190e2b6655e48f1c1cbe12139ba67faa5e1ac.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 15.7MB - Virtual size: 15.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 268KB - Virtual size: 267KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ