Static task
static1
General
-
Target
alldat.tar.gz
-
Size
3.0MB
-
MD5
91f32121c212d4572ae024c5754a124e
-
SHA1
528c11b74ceddd0e0e41c68a6c17dea12ca6370b
-
SHA256
8fd67a431ae65bf9e21564c40f4fb7af65ee1b072b1aef691c63f82fc33aa11a
-
SHA512
bfad07160ead6342b70b928f3fdddb6f6a3ac43643b23fbf3ccd8a362c00e5e06a2efa409fc67853493fb915ce7aff4f3622b2ef6c2eefeedb0575c9f696bb80
-
SSDEEP
98304:YMmjtiBSTek2M7z+m7duS6cW8Q/gxmWJSL:YMm8Bw/r7hYS6c1txmh
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack002/ransom.exe
Files
-
alldat.tar.gz.gz
-
sample.tar
-
mbkey.txt
-
ransom.exe.exe windows:6 windows x86 arch:x86
f032b4cc0eb4f2eac3f528efe4c73962
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
EndPaint
GetWindowLongW
PostMessageW
SetWindowPos
EndDialog
GetSystemMetrics
ShowWindow
OpenClipboard
GetDlgItemTextA
SetTimer
DrawTextA
CloseClipboard
EmptyClipboard
MessageBoxA
LoadBitmapW
SetClipboardData
wsprintfW
GetDlgItem
SetRect
KillTimer
SystemParametersInfoW
DialogBoxParamW
FindWindowA
LoadImageW
InvalidateRect
BeginPaint
MessageBoxW
gdi32
BitBlt
CreateFontA
SelectObject
CreateCompatibleDC
DeleteDC
SetTextColor
SetBkMode
GetObjectW
DeleteObject
shell32
SHGetFolderPathA
kernel32
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetFileSizeEx
FreeEnvironmentStringsW
MultiByteToWideChar
LCMapStringW
CompareStringW
SetEnvironmentVariableW
GetStringTypeW
GetProcessHeap
FlushFileBuffers
WriteConsoleW
HeapSize
HeapReAlloc
WideCharToMultiByte
SetUnhandledExceptionFilter
HeapFree
GetLastError
SizeofResource
FindFirstFileW
FindNextFileW
WriteFile
WaitForMultipleObjects
GetTempPathW
FindClose
CreateFileW
GetSystemDirectoryW
FreeResource
Sleep
LockResource
GlobalAlloc
CloseHandle
CreateThread
LoadResource
FindResourceW
GlobalLock
GetModuleHandleW
GetConsoleWindow
GlobalUnlock
GetDriveTypeW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
DecodePointer
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
HeapAlloc
RaiseException
RtlUnwind
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
SetEndOfFile
SetFilePointerEx
DeleteFileW
ReadFile
GetConsoleMode
ReadConsoleW
GetFileType
GetConsoleOutputCP
ExitProcess
GetModuleHandleExW
QueryPerformanceFrequency
GetStdHandle
GetModuleFileNameW
GetCommandLineA
GetCommandLineW
SetStdHandle
Sections
.text Size: 134KB - Virtual size: 134KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7.6MB - Virtual size: 7.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ