hakbit

General

Target

69c56d12ed7024696936fb69b4c6bee58174a275cb53fa966646a0b092d9626b
Size

80KB
Sample

201021-l4bghzn2b2
MD5

8152a3d0d76f7e968597f4f834fdfa9d
SHA1

c3cf05f3f79851d3c0d4266ab77c8e3e3f88c73e
SHA256

69c56d12ed7024696936fb69b4c6bee58174a275cb53fa966646a0b092d9626b
SHA512

eb1a18cb03131466a4152fa2f6874b70c760317148684ca9b95044e50dc9cd19316d6e68e680ce18599114ba73e75264de5dab5afe611165b9c6c0b5f01002b4

Score

10^/10

Malware Config

Extracted

Path

C:\Users\Admin\Desktop\HOW_TO_DECYPHER_FILES.txt

Family

hakbit

Ransom Note

To recover your data contact the email below [email protected] Key Identifier: M13QXKon7C2hkmKC2rgNCHGj5mjFsrhjl+ySO6RMmlJPOxmPQlUIJq2A78fYplgtNaKD0yMxcUuZ4Xhc6NjsXaRiUda+D9j2akL4mdsBmcdpDY/oBfmrGkd/F7D2XYLWs+BrcrGuTNuJkT2MrA9ClBuFN+Qn4imadXWf83wdDThSgRupEt8+3no5Q04HrGM1psRfpqWz1LLmjSKkSojdEtcwpmMul1OTxbtGcy2kVFcnk8+J6bflIhtnwJiauBC0+N7hmGE22aR24kFhZLzlU7e07AwuMa0LBp8Rm+XqLJD/01WUAYDTjv4L+6rmFPXyQx5dl+DE6eJ0yYbH0V5ufZ11q/Ifol3niHIo2ZtDJTdMpPlyH9no4/GU2Yf90GPSozBVGh3c5W4PR3AwMjWXKfX1Zh8acH6BeVJHVbiXLznCsGZNo5PVCkEVH64d39d3HEzN3mA6WUipKiA0dbTxyIyw+gf5hBScbsidlnxhCu9GS95p6hmdR1t8Lskc3vUP1zgrq+G89FCqvipwMN1MiABUhTHyMLvkl3HfmL7EutwJX8JnJPJqnI98nFG1rNx9dIe8Xo1MaiAmq0j61XJTpOe42Ll7+Ui+LooUHbMbpBJ/BUBaaRkdHZId+52teVRQ9wHoLtis+ZqcLt9u4U2GQJHQam7O/N99JxI0quEElNc= Number of files that were processed is: 406

Emails

[email protected]

Extracted

Path

C:\Users\Admin\Desktop\HOW_TO_DECYPHER_FILES.txt

Family

hakbit

Ransom Note

To recover your data contact the email below [email protected] Key Identifier: BlDLIs4wzgDoTYIEMMCvweBKQMXgNYDM9ggNJQgtZzjpRuLtkCHG5p7iVoU/LG9TeH623icJzMryxecZlwnGkjZNupY5CL6nC/En+NpYtGKgHgUR5ZL83odx4bFs/rF6ZxqWxrC8X9+JZ88sm/37IAb1dp9CnSae01HuaWsmD2gt/L34ysM/0bXFqMEKkmnCZFt0V1P3LpSMszf7XvRCUi/XW403bjsTv/HtW8wu/AtnvP49tu19hOuFbw8D4yhgMuD++XNq+gSl/uuewL2kBtMeZQeULo0Lpvc1AZ7GObTXObHBuvrxnrNjx3XCt9yEiLi2qkuX7wTrP+mtfvwOplEeRjffx5/oshpgrIf/AJuMOrfeHWW/SDmX4Va/e0d+800rY58aT04X6Vz39OUMh8rgB5q4IUqT8QWWv66Rh/hpjcjCqZSUFUZDZvwe1C0zChYOeSZSnl623VekCeq+YzSgwU3SdNrchIvwW4Ob/LsJ0qIeHN3mvVlyh2RH3mPdojiL6WJHEYR8oRyhC2aSvwGGYHAlrj8Hqg7+MAvCbhrOKLJE4VA2jkggkm3g3keytAlWafs0Udr/SO945dMPIigrzbrsQDvUFNTU4G0CXnsojb4wwRA9Qim8zH8OTJ6u3Bhg/Xt5VPWytqACHOK7s/PApIBsfcjeTrjhS6RHp1Y= Number of files that were processed is: 1230

Emails

[email protected]

Targets

- Target
  
  69c56d12ed7024696936fb69b4c6bee58174a275cb53fa966646a0b092d9626b
- Size
  
  80KB
- MD5
  
  8152a3d0d76f7e968597f4f834fdfa9d
- SHA1
  
  c3cf05f3f79851d3c0d4266ab77c8e3e3f88c73e
- SHA256
  
  69c56d12ed7024696936fb69b4c6bee58174a275cb53fa966646a0b092d9626b
- SHA512
  
  eb1a18cb03131466a4152fa2f6874b70c760317148684ca9b95044e50dc9cd19316d6e68e680ce18599114ba73e75264de5dab5afe611165b9c6c0b5f01002b4
Score

10^/10

hakbit ransomware spyware
- Hakbit
  Ransomware which encrypts files using AES, first seen in November 2019.
  ransomware hakbit
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Deletes itself
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
behavioral1 behavioral2