General
-
Target
__RMAMO.exe.zip
-
Size
7KB
-
Sample
201017-4zgmr6ksx6
-
MD5
def9f1bb6b444589e603eab9049a8612
-
SHA1
28136b3d3e7cb70a9efac95262d452051b4bf1e0
-
SHA256
60e55a6f8d9008996bc311ea1036341d7d95e5f307679cb132a4f4c19f398f82
-
SHA512
3f0483e5d495fa1d0a3455ed205b5d5debbfbfa039f144af64dc8f9631c3d029f5d2df50cbbb7fb48b90ea4c52029b68733799be26a6641e4b8e7a60108c776f
Static task
static1
Behavioral task
behavioral1
Sample
__RMAMO.exe
Resource
win7v200722
Behavioral task
behavioral2
Sample
__RMAMO.exe
Resource
win10
Malware Config
Targets
-
-
Target
__RMAMO.exe
-
Size
15KB
-
MD5
175dec4cc4ce5297e80b698c19b4aed5
-
SHA1
95ea5750b5f870465fc87c5c20402935a74d5e67
-
SHA256
772c3349ad353bf2b4a4b1229d36b2d42346e3981d8438deac870fdb918ab536
-
SHA512
b5cc59d1708e39ee109b3530775628d765b9474cc2d8ca6914240fcf855711d679014843c5f35c72b011e0fcd0ba929f4c55de04f5937b51df04692e87659ac7
Score8/10-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-