3bd5b28160eb1684561930c023d5b3b2893cd828ce9411df09e2921f67530e52 | Triage

Sharing

General

Target

3bd5b28160eb1684561930c023d5b3b2893cd828ce9411df09e2921f67530e52
Size

43KB
MD5

46655e35b9dc79e96ae4203779575e8b
SHA1

c0ba6ba63849543da7fb5cfd90dc3843e00871ff
SHA256

3bd5b28160eb1684561930c023d5b3b2893cd828ce9411df09e2921f67530e52
SHA512

bab21612aaf8b89609b2a40a4c1a54e5af0c8927d48f9bb674014564eb6a3ef27e84031a73611ebea77e23f25359670edc5347b88e419bf10f3b3a50a8be788f
SSDEEP

768:wHGGaSawqnwjRQ6ESlmFOsPoOdQtOOtEvwDpjm6WaJIOc+UPPEkL7vF1Tw:YGzl5wjRQBBOsP1QMOtEvwDpjgarrkLw

Score

10^/10

Malware Config

Signatures

Detection of CryptoLocker Variants 1 IoCs

resource	yara_rule
sample	CryptoLocker_rule2

Detection of Cryptolocker Samples 1 IoCs

resource	yara_rule
sample	CryptoLocker_set1

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bd5b28160eb1684561930c023d5b3b2893cd828ce9411df09e2921f67530e52

Files

3bd5b28160eb1684561930c023d5b3b2893cd828ce9411df09e2921f67530e52
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.yya
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ