dusk | 8181c98ed221d00c89712ea50d37179dc633b9e04bfc2aca1b7df26fd3db1f4e

Analysis

max time kernel
6s
max time network
124s
platform
windows10_x64
resource
win10
submitted
28-09-2020 10:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8181c98ed221d00c89712ea50d37179dc633b9e04bfc2aca1b7df26fd3db1f4e.bin.exe
Size

18KB
MD5

849ffabdc4a5e8da2ca654f614b01c56
SHA1

791730d1deeb38d4fc93529c7ad9da06d060edd8
SHA256

8181c98ed221d00c89712ea50d37179dc633b9e04bfc2aca1b7df26fd3db1f4e
SHA512

2df86fb79f463252c794fa757a7a95d2c25ee5911c018e9ce50545669e93361e7216edabaa0880419a851405b4dab3fafab0d72f0196ae3f98ec26c9676fd85e

Score

10^/10

ransomware dusk

Malware Config

Extracted

Path

C:\Users\Admin\Desktop\!#!READ-ME!#!.txt

Family

dusk

Ransom Note

------------------------------ ____ __ _______ __ __ / __ \/ / / / ___// //_/ / / / / / / /\__ \/ ,< / /_/ / /_/ /___/ / /| | /_____/\____//____/_/ |_| ------------------------------ Dusk v1.0 YOUR FILES ARE ENCRYPTED! ------------------------------ If you want to recover them follow these steps: 1. Send $50 to this address: BTC: 1EiGoumJiBNJszEzTzasmQhCVaEYDDEbuo 2. Send email to: [email protected] 3. Enjoy! ------------------------------ Do not waste your time trying recover your files using third party services! Only we can do that

Emails

[email protected]

Wallets

1EiGoumJiBNJszEzTzasmQhCVaEYDDEbuo

Signatures

Dusk Ransomware
Family first seen in September 2020.
ransomware dusk

C:\Users\Admin\AppData\Local\Temp\8181c98ed221d00c89712ea50d37179dc633b9e04bfc2aca1b7df26fd3db1f4e.bin.exe
"C:\Users\Admin\AppData\Local\Temp\8181c98ed221d00c89712ea50d37179dc633b9e04bfc2aca1b7df26fd3db1f4e.bin.exe"
1⤵
PID:3104

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3104-0-0x00007FFA23F00000-0x00007FFA248EC000-memory.dmp

Filesize
9.9MB

Download
memory/3104-1-0x0000000000700000-0x0000000000701000-memory.dmp

Filesize
4KB

Download