6b028397217f8d8185e2026da3a6ed4e12a32d0e02a365aafc39b9a1362197f3

General

Target

271ef3c1d022829f0b15f2471d05a28d4786abafd0a9e1e742bde3f6b36872ad.zip
Size

441KB
Sample

200804-d3e1b2phf6
MD5

da17f72e7ce8b876607ed077c0fc527a
SHA1

2ca0b1c3828fe4fd7ffe6309c9408d02af60ace1
SHA256

6b028397217f8d8185e2026da3a6ed4e12a32d0e02a365aafc39b9a1362197f3
SHA512

74cb5be0f4f825aff82cbd937da194df145fcad666279188118aad617f4533cd640b63ca8829846c5f693c405ea3eb3acd0ee5b004318e3868333aad2df4ce0d

Score

10^/10

ransomware

Malware Config

Extracted

Path

\??\Volume{a2da1a04-afea-11ea-ab7e-806e6f6e6963}\Program Files\7-Zip\Lang\!!FAQ for Decryption!!.txt

Ransom Note

Good day. All your files are encrypted. For decryption contact us. Write here [email protected] We also inform that your databases, ftp server and file server were downloaded by us to our servers. * Do not rename encrypted files. * Do not try to decrypt your data using third party software, it may cause permanent data loss.

Emails

[email protected]

Targets

- Target
  
  271ef3c1d022829f0b15f2471d05a28d4786abafd0a9e1e742bde3f6b36872ad.exe
- Size
  
  1.1MB
- MD5
  
  a12e733ddbe6f404b27474fa0e5de61d
- SHA1
  
  e8d0c95621a19131ef9480e58a8d6dd3d15c9acd
- SHA256
  
  271ef3c1d022829f0b15f2471d05a28d4786abafd0a9e1e742bde3f6b36872ad
- SHA512
  
  f27605a283e958690eb7ad50aa46110b6d155217ad09d658ad3f9c4368d4c66ab623a0cc3489d695a02db462fec3bcf8ebee13f9da1bd61e2e3db46de2d73ddf
Score

10^/10

ransomware
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Deletes itself

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2