General

  • Target

    c14f8bc656284715516f26935afe487a1d584f56ffabbcb98f2974f6ca6cd3a4.bin

  • Size

    101KB

  • Sample

    200826-jdzf5d33aa

  • MD5

    a200d6c3988d8bf49c305f3e2adee785

  • SHA1

    68dcbf15e926bd239026ed065471d914c85f9c75

  • SHA256

    c14f8bc656284715516f26935afe487a1d584f56ffabbcb98f2974f6ca6cd3a4

  • SHA512

    003efd039edc0f5714853eaaa78e04c6440f707950e9e258ea019ca8573947c7d89b001d711b8e1ab4fb4748af4c488044a4777859f316b91b35672a4da8669e

Score
10/10

Malware Config

Targets

    • Target

      c14f8bc656284715516f26935afe487a1d584f56ffabbcb98f2974f6ca6cd3a4.bin

    • Size

      101KB

    • MD5

      a200d6c3988d8bf49c305f3e2adee785

    • SHA1

      68dcbf15e926bd239026ed065471d914c85f9c75

    • SHA256

      c14f8bc656284715516f26935afe487a1d584f56ffabbcb98f2974f6ca6cd3a4

    • SHA512

      003efd039edc0f5714853eaaa78e04c6440f707950e9e258ea019ca8573947c7d89b001d711b8e1ab4fb4748af4c488044a4777859f316b91b35672a4da8669e

    Score
    10/10
    • Conti Ransomware

      Ransomware generally thought to be a successor to Ryuk.

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v6

Tasks