VTI SCORE: 96/100
Dynamic Analysis Report |
Classification: Trojan |
1da3bb217a3d771d357edfc401ac3835c29066e5d0a795e12aabd4b888bd15e3 (SHA256)
Godsomware.exe
Windows Exe (x86-32)
Created at 2018-10-06 16:50:00
Notifications (1/1)
The operating system was rebooted during the analysis.
This is a filtered view
This list contains only the embedded files and created files
Filters: |
There are no files for this filter
Filename | Category | Type | Severity | Actions |
---|
C:\Users\CIiHmnxMn6Ps\Desktop\Godsomware.exe | Sample File | Binary |
Blacklisted
|
...
|
»
File Reputation Information
»
Severity |
Blacklisted
|
First Seen | 2018-09-30 00:48 (UTC+2) |
Last Seen | 2018-10-04 18:56 (UTC+2) |
Names | ByteCode-MSIL.Trojan.Wanna |
Families | Wanna |
Classification | Trojan |
PE Information
»
Image Base | 0x400000 |
Entry Point | 0x61d8ca |
Size Of Code | 0x21ba00 |
Size Of Initialized Data | 0x11a00 |
File Type | executable |
Subsystem | windows_gui |
Machine Type | i386 |
Compile Timestamp | 2077-12-06 23:29:17+00:00 |
Version Information (11)
»
Assembly Version | 1.0.0.0 |
LegalCopyright | Copyright Godsomware © 2018 All Reverved |
InternalName | Godsomware.exe |
FileVersion | 1.0.0.0 |
CompanyName | NinjaGhost |
LegalTrademarks | Ninja |
Comments | Ransomware God Crypt v1.0 by NinjaGhost |
ProductName | Godsomware v1.0 |
ProductVersion | 1.0.0.0 |
FileDescription | God Crypt v1.0 |
OriginalFilename | Godsomware.exe |
Sections (3)
»
Name | Virtual Address | Virtual Size | Raw Data Size | Raw Data Offset | Flags | Entropy |
---|---|---|---|---|---|---|
.text | 0x402000 | 0x21b8d0 | 0x21ba00 | 0x200 | cnt_code, mem_execute, mem_read | 7.51 |
.rsrc | 0x61e000 | 0x11750 | 0x11800 | 0x21bc00 | cnt_initialized_data, mem_read | 4.73 |
.reloc | 0x630000 | 0xc | 0x200 | 0x22d400 | cnt_initialized_data, mem_discardable, mem_read | 0.1 |
Imports (1)
»
mscoree.dll (1)
»
API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
---|---|---|---|---|---|
_CorExeMain | 0x0 | 0x402000 | 0x21d8a0 | 0x21baa0 | 0x0 |