8181c98ed221d00c89712ea50d37179dc633b9e04bfc2aca1b7df26fd3db1f4e.bin

General
Target

8181c98ed221d00c89712ea50d37179dc633b9e04bfc2aca1b7df26fd3db1f4e.bin

Size

18KB

Sample

200928-7bsdqsxae6

Score

10/10
MD5

849ffabdc4a5e8da2ca654f614b01c56

SHA1

791730d1deeb38d4fc93529c7ad9da06d060edd8

SHA256

8181c98ed221d00c89712ea50d37179dc633b9e04bfc2aca1b7df26fd3db1f4e

SHA512

2df86fb79f463252c794fa757a7a95d2c25ee5911c018e9ce50545669e93361e7216edabaa0880419a851405b4dab3fafab0d72f0196ae3f98ec26c9676fd85e

Malware Config

Extracted

Path C:\Users\Admin\Desktop\!#!READ-ME!#!.txt
Family dusk
Ransom Note
------------------------------
    ____  __  _______ __ __
   / __ \/ / / / ___// //_/
  / / / / / / /\__ \/ ,<
 / /_/ / /_/ /___/ / /| |
/_____/\____//____/_/ |_|
------------------------------
Dusk v1.0
YOUR FILES ARE ENCRYPTED!
------------------------------
If you want to recover them follow these steps:
1. Send $50 to this address:
BTC: 1EiGoumJiBNJszEzTzasmQhCVaEYDDEbuo
2. Send email to: cyber.duskfly@protonmail.com
3. Enjoy!
------------------------------
Do not waste your time trying recover your files using third party services!
Only we can do that
Emails

cyber.duskfly@protonmail.com

Wallets

1EiGoumJiBNJszEzTzasmQhCVaEYDDEbuo

Targets
Target

8181c98ed221d00c89712ea50d37179dc633b9e04bfc2aca1b7df26fd3db1f4e.bin

Signatures

  • Dusk Ransomware

    Description

    Family first seen in September 2020.

  • Modifies extensions of user files

    Description

    Ransomware generally changes the extension on encrypted files.

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1

behavioral1

10/10

behavioral2

10/10