202409206f1a1461f95d3de99d47f68b1da78513bkransomware

Sharing

Copy URL

Twitter E-mail

General

Target

202409206f1a1461f95d3de99d47f68b1da78513bkransomware
Size

6.7MB
MD5

6f1a1461f95d3de99d47f68b1da78513
SHA1

af4e0c845375a1f3206fc84225653a5d6a732109
SHA256

413c42a5547e336e370fc74d9ad0ced99cab7161fac4f713d0bd27bb454622ac
SHA512

4a759c451537f242687a342ec353a6e5d6b8f1d652f7e1706097a7b0be2dbbe7771a96223b15bb6d317c79add9b321c404f66f2e75bf5c93fafc74af4c4426cc
SSDEEP

98304:VTKb0nUegBAV7SEvurihfxZLR8moMy7WkBXjiD8LFV8ODkKOsPmnn751I37Uf:BKzegBAh2uBxWMy7nXmgvz+n7j2Uf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
202409206f1a1461f95d3de99d47f68b1da78513bkransomware

Files

202409206f1a1461f95d3de99d47f68b1da78513bkransomware
.exe windows:6 windows x86 arch:x86

c7d43cf42a61d2b3b66b6c029b254acf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
RtlCaptureContext
MapViewOfFile
UnmapViewOfFile
GetDriveTypeW
GetSystemDefaultUILanguage
FindResourceW
FreeLibrary
WaitNamedPipeA
InitializeSListHead
CreateDirectoryW
GlobalLock
SignalObjectAndWait
SetCommBreak
WaitForSingleObjectEx
GetCurrentThread
VirtualFree
GetSystemTimeAsFileTime
GetWindowsDirectoryA
GetProcessTimes
WideCharToMultiByte
LoadLibraryW
IsValidLocale
InitializeCriticalSectionAndSpinCount
Sleep
CreateEventA
FormatMessageW
FileTimeToSystemTime
SetThreadPriority
GetStartupInfoW
GlobalUnlock
GetPrivateProfileIntW
FindFirstFileA
SetLastError
IsValidCodePage
FindClose
ResetEvent
GetExitCodeThread
CreateEventW
DeviceIoControl
EnumResourceTypesW
GetThreadPriority
GetModuleHandleA
FileTimeToLocalFileTime
DeleteFileW
OpenFileMappingA
LocalFree
EnumResourceNamesW
ExpandEnvironmentStringsW
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualAlloc
GetVersionExW
FreeLibraryAndExitThread
GetThreadTimes
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsDebuggerPresent
GetProcessHeap
HeapAlloc
HeapSize
MultiByteToWideChar
EncodePointer
GetFullPathNameW
ExitProcess
ResumeThread
TlsFree
VirtualProtect
FindNextFileA
CreatePipe
GetSystemInfo
QueryDosDeviceW
LockResource
CreateFileMappingA
GetLocalTime
GlobalFree
EnterCriticalSection
CreateNamedPipeA
GetCPInfoExW
GetTempPathW
ExitThread
GetOverlappedResult
MulDiv
GetExitCodeProcess
LeaveCriticalSection
GetSystemTimeAdjustment
GetSystemDirectoryW
OpenProcess
SetCommTimeouts
GetUserDefaultLCID
SetHandleInformation
HeapFree
SetEnvironmentVariableW
VerSetConditionMask
LoadLibraryExW
SetErrorMode
GetLocaleInfoA
CreateFileA
GetTempFileNameW
GetEnvironmentVariableW
SuspendThread
GetModuleHandleExW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SwitchToThread
SetEvent
CloseHandle
DuplicateHandle
WaitForSingleObject
GetCurrentProcess
GetCurrentThreadId
DeleteCriticalSection
DecodePointer
GetLastError
HeapReAlloc
GetCommandLineW
RaiseException
RtlUnwind
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
GetTickCount
GetModuleHandleW
GetProcAddress
CreateSemaphoreW
CreateThread
CreateTimerQueue
CreateFileW

user32

BeginDeferWindowPos
GetDlgItemInt
DestroyAcceleratorTable
GetMessageW
RegisterWindowMessageW
AttachThreadInput
EnumWindows
CreateIconIndirect
DrawFocusRect
InflateRect
GetMenu
CheckMenuRadioItem
MessageBoxA
DrawStateW
SetWindowLongW
DestroyCursor
GetDlgCtrlID
GetSysColorBrush
CreateWindowExW
ShowWindow
SetDlgItemTextW
ValidateRgn
SendMessageW
UpdateWindow
EndMenu
ToUnicode
DrawFrameControl
GetMonitorInfoW
CheckMenuItem
CopyRect
GetWindow
EndPaint
CharNextW
PostMessageW
GetKeyState
GetDC
CreateDialogIndirectParamA
SetDlgItemInt
GetWindowTextW
CharUpperW
GetDesktopWindow
EnumChildWindows
InsertMenuW

gdi32

SetWindowOrgEx
SetLayout
SetViewportOrgEx
PlayEnhMetaFile
RectInRegion
Ellipse
ExtCreateRegion
GetBkColor
GetObjectW
GetCharABCWidthsW
SetStretchBltMode
GetTextExtentPoint32W
SetTextColor
CreateHatchBrush
StretchBlt
GetRgnBox
GetEnhMetaFileHeader
GetRegionData
CreatePatternBrush
SetWinMetaFileBits
GetTextExtentPointW

comdlg32

FindTextW
GetSaveFileNameW

advapi32

RegCloseKey
RegLoadKeyW
AdjustTokenPrivileges
ControlService
RegDeleteValueA
ChangeServiceConfigW
SetSecurityDescriptorDacl
RegQueryValueExW
SetSecurityDescriptorOwner
RegConnectRegistryW
StartServiceW
OpenProcessToken
CloseServiceHandle

shell32

CommandLineToArgvW
ShellExecuteExW
SHGetFileInfoW
Shell_NotifyIconW

ole32

CoInitialize

oleaut32

SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayCreate
SafeArrayGetLBound
SysFreeString

Sections

.text
Size: 678KB - Virtual size: 678KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gDcI
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7d43cf42a61d2b3b66b6c029b254acf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 678KB - Virtual size: 678KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 7KB - Virtual size: 6KB

.gDcI Size: 2KB - Virtual size: 2KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 678KB - Virtual size: 678KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 7KB - Virtual size: 6KB

.gDcI
Size: 2KB - Virtual size: 2KB

.reloc
Size: 13KB - Virtual size: 13KB