General
Target: e0c0cbc50a9ed4d01a176497c8dba913cbbba515ea701a67ef00dcb7c8a84368
Size: 52KB
Sample: 201125-np1nsj26te
MD5: 130220f4457b9795094a21482d5f104b
SHA1: 0231ec4bfa03db42f5486c425d47cf9aed5ce3e4
SHA256: e0c0cbc50a9ed4d01a176497c8dba913cbbba515ea701a67ef00dcb7c8a84368
SHA512: 17fddebc544c4506a6b73ab1fdb53ddb6376054079c506fa4216406b3c45f44a1d0683056b228551f2b111ce87c09899b975f82743d9bfd52282ee5b83684e4f
Static task: static1
Behavioral task: behavioral1
Sample: e0c0cbc50a9ed4d01a176497c8dba913cbbba515ea701a67ef00dcb7c8a84368.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: e0c0cbc50a9ed4d01a176497c8dba913cbbba515ea701a67ef00dcb7c8a84368.exe
Resource: win10v20201028
Malware Config
Extracted
C:\\README.c985fbb9.TXT
darkside
http://darksidedxcftmqa.onion/blog/article/id/6/dQDclB_6Kg-c-6fJesONyHoaKh9BtI8j9Wkw2inG8O72jWaOcKbrxMWbPfKrUbHC
http://darksidfqzcuhtk2.onion/K71D6P88YTX04R3ISCJZHMD5IYV55V9247QHJY0HJYUXX68H2P05XPRIR5SP2U68
Targets
Target: e0c0cbc50a9ed4d01a176497c8dba913cbbba515ea701a67ef00dcb7c8a84368
Score: 10/10

DarkSide
Targeted ransomware first seen in August 2020. Operators steal data to use as leverage.

Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.

Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.