General

  • Target

    Ransomware.Petrwrap (1).zip

  • Size

    1.1MB

  • MD5

    6884a35803f2e795fa4b121f636332b4

  • SHA1

    527bfbf4436f9cce804152200c4808365e6ba8f9

  • SHA256

    cf01329c0463865422caa595de325e5fe3f7fba44aabebaae11a6adfeb78b91c

  • SHA512

    262732a9203e2f3593d45a9b26a1a03cc185a20cf28fad3505e257b960664983d2e4f2b19b9ff743015310bf593810bd049eb03d0fd8912a6d54de739742de60

  • SSDEEP

    24576:XtZfUANeQHLqNZ2rl5zkFGPI/9+4C/BGq/Om00pN5m:XtZc+trnHkxVqQqm

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Ransomware.Petrwrap (1).zip
    .zip

    Password: infected

  • 027cc450ef5f8c5f653329641ec1fed9.exe
    .dll windows:5 windows x86 arch:x86

    52dd60b5f3c9e2f17c2e303e8c8d4eab



  • 027cc450ef5f8c5f653329641ec1fed91f694e0d229928963b30f6b0d7d3a745_98STJd8lju.bin.gz
    .gz
  • 027cc450ef5f8c5f653329641ec1fed91f694e0d229928963b30f6b0d7d3a745_98STJd8lju.bin
    .dll windows:5 windows x86 arch:x86

    52dd60b5f3c9e2f17c2e303e8c8d4eab



  • ee29b9c01318a1e23836b949942db14d4811246fdae2f41df9f0dcd922c63bc6.bin.gz
    .gz
  • ee29b9c01318a1e23836b949942db14d4811246fdae2f41df9f0dcd922c63bc6.bin
    .js
  • fe2e5d0543b4c8769e401ec216d78a5a3547dfd426fd47e097df04a5f7d6d206_OFkNP1kKL9.bin.gz
    .gz
  • fe2e5d0543b4c8769e401ec216d78a5a3547dfd426fd47e097df04a5f7d6d206_OFkNP1kKL9.bin
    .rtf
  • myguy.hta
    .js
  • svchost.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

