Extracted

• • Target

    fefb3c7053a1332b03a4c0523862e8e387a5065b263cf10cb0d7f33f02afc646

  • Size

    4.6MB

  • MD5

    b4fb8e289a0436895defe466a150f4bd

  • SHA1

    87784505e4fb2efe696b86465ccf230d92e0efa4

  • SHA256

    fefb3c7053a1332b03a4c0523862e8e387a5065b263cf10cb0d7f33f02afc646

  • SHA512

    1ae00231aa059a2ce1b000f4458d20b6024b6e32da0a5de23c30dbe0a2110aeef524a16148f9b70e5b19d5faa891421acddc9da66a9bbb7a79c1981e4605b48e

  Score

  10^/10

  ransomwarepersistencespyware

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomware

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spyware

  • Modifies service

    persistence
  behavioral1behavioral2