Extracted

• • Target

    08c7dfde13ade4b13350ae290616d7c2f4a87cbeac9a3886e90a175ee40fb641.bin

  • Size

    65KB

  • MD5

    5ff20e2b723edb2d0fb27df4fc2c4468

  • SHA1

    e53d4b589f5c5ef6afd23299550f70c69bc2fe1c

  • SHA256

    08c7dfde13ade4b13350ae290616d7c2f4a87cbeac9a3886e90a175ee40fb641

  • SHA512

    cbcb5bda77351902d149608b4df5637347bcd06f26fba83147c4de42b52ae675e3a0761691c19cb0cadc5b03f32cd0810951ba23cf21ebe266f1ec724ffee996

  Score

  10^/10

  ransomwarenefilim

  • Nefilim

    Ransomware first seen in early 2020 which shares code with the Nemty family. Rewritten in Golang in July 2020.

    ransomwarenefilim

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Deletes itself

  behavioral1behavioral2