General
-
Target
3ccc016464e41de7be959c3b00bda1296eee1c50a2897e05c1abbc9034b23027.bin.sample.gz
-
Size
123KB
-
Sample
210205-6nvf8dqgpe
-
MD5
bd60d0d73d79e4b305187edfd3a9b052
-
SHA1
3a857ffdf152a8f5124ad4860aeb46a605a2ef61
-
SHA256
2b873b527a7c4095247febb6ccbe32eca19a5adbe563c76606ab16814dd3975b
-
SHA512
49950506c1b277ae40bb6c076bd8c87d6e5c7e88de0eddf56716f8443673f4e60a49dbf238136a8443e2af82f46274e58359b43750606ca4a60052b83f1af64b
Static task
static1
Behavioral task
behavioral1
Sample
sample.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
sample.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
sample
-
Size
123KB
-
MD5
fb603212ae67789de5ce5f41a6d0705e
-
SHA1
1ff8e880a61c4b932b8f52e8353a5310152ba160
-
SHA256
3ccc016464e41de7be959c3b00bda1296eee1c50a2897e05c1abbc9034b23027
-
SHA512
45ebd60fe2801b60e061a2eaf58e016f1f966a688b2fc205e097cc67824e3c259d3271e78f644ab81671ff381ed8aec125499bc071ab3657b08ef36e55b849eb
Score8/10-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops desktop.ini file(s)
-