[Community-sigs] Win.Trojan.Ransom
Askar Dyussekeyev
dyussekeyev at yandex.kz
Wed Jul 20 13:07:14 EDT 2016
Win.Trojan.Ransom:1:1118:83C404C9C30000000000000000000000000000000000000000000000000000000000872C24558D6C24045189E981E90010000085012D001000003D001000007DEC29C1850189E089CC8B08FF60048B45ECC3E8F7FFFFFF8B008B00C3E8EDFFFFFF50E8EBFFFFFF50E8CD00000081C408000000C38B65E8E8D6FFFFFF50E8C0000000FFFFFFFFBA124000D2124000E9B7000000
signature looks for specific block of code
detections (572):
00896020ea957e3389d6b1315661e80f
00f73b2fae33e9becc6f700194704774
016f5c85ee65e5e2fb7c4c7c8c05fe09
................................
ff9454f937addfde5a9983426f9571f3
More information about the Community-sigs
mailing list