General
-
Target
c14f8bc656284715516f26935afe487a1d584f56ffabbcb98f2974f6ca6cd3a4.bin
-
Size
101KB
-
Sample
200826-jdzf5d33aa
-
MD5
a200d6c3988d8bf49c305f3e2adee785
-
SHA1
68dcbf15e926bd239026ed065471d914c85f9c75
-
SHA256
c14f8bc656284715516f26935afe487a1d584f56ffabbcb98f2974f6ca6cd3a4
-
SHA512
003efd039edc0f5714853eaaa78e04c6440f707950e9e258ea019ca8573947c7d89b001d711b8e1ab4fb4748af4c488044a4777859f316b91b35672a4da8669e
Malware Config
Targets
-
-
Target
c14f8bc656284715516f26935afe487a1d584f56ffabbcb98f2974f6ca6cd3a4.bin
-
Size
101KB
-
MD5
a200d6c3988d8bf49c305f3e2adee785
-
SHA1
68dcbf15e926bd239026ed065471d914c85f9c75
-
SHA256
c14f8bc656284715516f26935afe487a1d584f56ffabbcb98f2974f6ca6cd3a4
-
SHA512
003efd039edc0f5714853eaaa78e04c6440f707950e9e258ea019ca8573947c7d89b001d711b8e1ab4fb4748af4c488044a4777859f316b91b35672a4da8669e
Score10/10-
Conti Ransomware
Ransomware generally thought to be a successor to Ryuk.
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-