General
-
Target
0a365240a36f0958331bb5c9f022d78b816edd66ee25baf4445e7a5421bb75eb
-
Size
943KB
-
Sample
201203-34zxrv862j
-
MD5
1062b0544beb5457fb6fe2b42a5d279d
-
SHA1
e0802b7dc9034902afbbe8ce4a2f8a107278b32b
-
SHA256
0a365240a36f0958331bb5c9f022d78b816edd66ee25baf4445e7a5421bb75eb
-
SHA512
2910ecf620c20672c440a647045f91512f17b16a11a701a667f29f17d24b0bf8f8aa56ebcda39111fd72ed9e8dec159622f205da18e31a06bbd84bed654b5b5d
Static task
static1
Behavioral task
behavioral1
Sample
0a365240a36f0958331bb5c9f022d78b816edd66ee25baf4445e7a5421bb75eb.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
0a365240a36f0958331bb5c9f022d78b816edd66ee25baf4445e7a5421bb75eb.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
0a365240a36f0958331bb5c9f022d78b816edd66ee25baf4445e7a5421bb75eb
-
Size
943KB
-
MD5
1062b0544beb5457fb6fe2b42a5d279d
-
SHA1
e0802b7dc9034902afbbe8ce4a2f8a107278b32b
-
SHA256
0a365240a36f0958331bb5c9f022d78b816edd66ee25baf4445e7a5421bb75eb
-
SHA512
2910ecf620c20672c440a647045f91512f17b16a11a701a667f29f17d24b0bf8f8aa56ebcda39111fd72ed9e8dec159622f205da18e31a06bbd84bed654b5b5d
Score10/10-
Blocklisted process makes network request
-
Adds Run key to start application
-
Enumerates physical storage devices
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-