General
Target: 0e1afd3c9ee17408c055e272c2087fdb1e759c8a4b9373fcf2a4bf81d041b58e
Size: 493KB
Sample: 201016-1xzf9nn6rn
MD5: c15bd704405c47f1cf081cba3ec67d17
SHA1: 5c74894ad0228821cef1794cfeb6a989e7ec551a
SHA256: 0e1afd3c9ee17408c055e272c2087fdb1e759c8a4b9373fcf2a4bf81d041b58e
SHA512: aa00445344d0c8b81ef983f931063ca20cd3510e588e26fcab342b6cb2af894a119c8ba10f9b103bbc16c9d04089b6817a0545ebe6975ce51a5eb03479c3cb7a
Static task
static1
Behavioral task
behavioral1
Sample
0e1afd3c9ee17408c055e272c2087fdb1e759c8a4b9373fcf2a4bf81d041b58e.exe
Resource
win7v200722
Behavioral task
behavioral2
Sample
0e1afd3c9ee17408c055e272c2087fdb1e759c8a4b9373fcf2a4bf81d041b58e.exe
Resource
win10v200722
Malware Config
Extracted
C:\Users\Admin\Documents\__READ_ME_TO_RECOVER_YOUR_FILES.txt
nhands_q647t@pudxe.com
398sW5eMDvyr93CJHKRD3eYE9vK5ELVrHP
Targets
Target
0e1afd3c9ee17408c055e272c2087fdb1e759c8a4b9373fcf2a4bf81d041b58e
Score: 10/10
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Deletes itself
-