63b541a11d8389b13c634665ba72437270cd8bbbbc3df7dc43acfe201a5a67e5 (SHA256)
BooM Ransomeware.exe
Created at 2019-01-04 20:42:00
Notifications (2/3)
Could not parse sample file: 'Invalid e_lfanew value, probably not a PE file'
Some extracted files may be missing in the report since the maximum number of extracted files was reached during the analysis. You can increase the limit in the configuration settings.
The maximum number of reputation file hash requests (20 per analysis) was exceeded. As a result, the reputation status could not be queried for all file hashes. In order to get the reputation status for all file hashes, please increase the 'Max File Hash Requests' setting in the system configurations.
Top Threat Indicators (View all 1025 threat indicators)
| Category | Operation | Classification |
|---|---|---|
| File System | Renames user files | Ransomware |
| File System | Known malicious file | Trojan |
| Process | Creates an unusally large number of processes | - |
Screenshots
Monitored Processes
Analysis Information
| Creation Time | 2019-01-04 21:42 (UTC+1) |
| Analysis Duration | 00:04:00 |
| Number of Monitored Processes | 16 |
| Execution Successful |
|
| Reputation Enabled |
|
| WHOIS Enabled |
|
| YARA Enabled |
|
| Termination Reason | Timeout |
| Tags |
Sample Information
| ID | #413953 |
| MD5 |
e8e07496df5370d2e49ecce5a47c1fd2
|
| SHA1 |
caa07048b079f148d704a49a0d44cd299a3db380
|
| SHA256 |
63b541a11d8389b13c634665ba72437270cd8bbbbc3df7dc43acfe201a5a67e5
|
| SSDeep |
3072:Sed1DM5u4n7pV1HiBDqSe/01R+8UQrbUQrYc1rIzDu:3fDM5u41HiBK/s+4rXrYc1
|
| ImpHash |
f34d5f2d4577ed6d9ceec516c1f5a744
|
| Filename | BooM Ransomeware.exe |
| File Size | 181.00 KB |
| File Type | Windows Exe (x86-32) |
Analyzer Information
| Dynamic Analyzer Build Date | 2018-11-29 14:58 (UTC+1) |
| Dynamic Analyzer Version | 2.3.2 |
| Static Analyzer Version | 1.0.1 |
| VTI Ruleset Version | 3.1 |
| YARA Built-in Ruleset Version | 1.1 |
| Analysis Report Layout Version | 3 |
