General
Target: 4d0294b99043ac0ee0c9ce751e94f11244474803b16028347eab6437e9aaaafa.bin.sample
Size: 31KB
Sample: 201216-jdc4k8xkgx
MD5: 17203842d20a3f9f1bd351fa1e74bc0a
SHA1: aab2c104c49616776c563e667a211b62b37a2891
SHA256: 4d0294b99043ac0ee0c9ce751e94f11244474803b16028347eab6437e9aaaafa
SHA512: b29e928a20e1969545f3172ab37a75ef8d4b3d896b68fc55a2be1ae74214d2456ce994f589feb5dc33d21d21ef3dae44d81d48fc3c524288c96d60aa6a7c053a

Static task: static1

Behavioral task: behavioral1
Sample: 4d0294b99043ac0ee0c9ce751e94f11244474803b16028347eab6437e9aaaafa.bin.sample.exe
Resource: win7v20201028

Behavioral task: behavioral2
Sample: 4d0294b99043ac0ee0c9ce751e94f11244474803b16028347eab6437e9aaaafa.bin.sample.exe
Resource: win10v20201028
Malware Config
Targets
Target: 4d0294b99043ac0ee0c9ce751e94f11244474803b16028347eab6437e9aaaafa.bin.sample
Score: 10/10

- Detected Xorist Ransomware
- Drops file in Drivers directory
- Executes dropped EXE
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
- Adds Run key to start application
- Drops file in System32 directory
- Sets desktop wallpaper using registry