General
Target: 7de425238719622bf2b2150591631b0a71d6a5dade419a4e67b9bdbfa272b559.bin
Size: 58KB
Sample: 201103-6xk2xkf61j
MD5: 432a1dd2d40e5b0f6385096847efd3b2
SHA1: f5735932baf8b04a8e1ca622ff06d37a9db29d9f
SHA256: 7de425238719622bf2b2150591631b0a71d6a5dade419a4e67b9bdbfa272b559
SHA512: 0d713fa5ca52322ea2295d305adbcecc83aaf6b46024987a483112fbbc4c47db6695d0e019b7e68f1a8fe53ff4cbbb4010a981a3fa91eb9be42ebccc75118c1e
Static task: static1
Behavioral task: behavioral1
Sample: 7de425238719622bf2b2150591631b0a71d6a5dade419a4e67b9bdbfa272b559.bin.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 7de425238719622bf2b2150591631b0a71d6a5dade419a4e67b9bdbfa272b559.bin.exe
Resource: win10v20201028
Malware Config
Targets
- Executes dropped EXE
- Modifies extensions of user files: Ransomware generally changes the extension on encrypted files.
- Possible privilege escalation attempt
- Deletes itself
- Loads dropped DLL
- Modifies file permissions
- Drops file in System32 directory
- Modifies service