General
-
Target
11111.exe
-
Size
106KB
-
Sample
201127-gzqpqwr97a
-
MD5
07a15313757ed67c6d187915c4d7798b
-
SHA1
9c23b9c49f32ba7e6b86584999f4c2731d9f51c5
-
SHA256
8a6ccb73904af08c420298684db08dbc7a703deafe42c2261c7c1ee230b02a82
-
SHA512
6218edacd09cc831f53729938e464563292de4b07a1e65bb025ddc1d3b8c53ad79cbba74231fab6ba1104c5aad28a066b20e169a460228c897ecf1e74c8d0983
Malware Config
Targets
-
-
Target
11111.exe
-
Size
106KB
-
MD5
07a15313757ed67c6d187915c4d7798b
-
SHA1
9c23b9c49f32ba7e6b86584999f4c2731d9f51c5
-
SHA256
8a6ccb73904af08c420298684db08dbc7a703deafe42c2261c7c1ee230b02a82
-
SHA512
6218edacd09cc831f53729938e464563292de4b07a1e65bb025ddc1d3b8c53ad79cbba74231fab6ba1104c5aad28a066b20e169a460228c897ecf1e74c8d0983
Score8/10-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-