General
Target: 353086a213c6868d07ef24f82ae4786d2f4a1af67530e925a7cf53a49ea3964f
Size: 1.3MB
Sample: 210302-mcgd9mvges
MD5: 1305df0e5a017ec3ce66a83bd631428e
SHA1: b38535cedd5d539a1d91a335fe306f5a0dccbfdb
SHA256: 353086a213c6868d07ef24f82ae4786d2f4a1af67530e925a7cf53a49ea3964f
SHA512: fc693e8b04230a825a4f79ee797845f00a272530d77e3d5191c469a2ddbbc50e64de4b13cf8b6fba70922224b4b5ca86720f6fc0c88a206f10f326d10aaaa0fe

Static task: static1
Behavioral task: behavioral1
Sample: 353086a213c6868d07ef24f82ae4786d2f4a1af67530e925a7cf53a49ea3964f.exe
Resource: win7v20201028

Malware Config

Targets
Target: 353086a213c6868d07ef24f82ae4786d2f4a1af67530e925a7cf53a49ea3964f
Size: 1.3MB
MD5: 1305df0e5a017ec3ce66a83bd631428e
SHA1: b38535cedd5d539a1d91a335fe306f5a0dccbfdb
SHA256: 353086a213c6868d07ef24f82ae4786d2f4a1af67530e925a7cf53a49ea3964f
SHA512: fc693e8b04230a825a4f79ee797845f00a272530d77e3d5191c469a2ddbbc50e64de4b13cf8b6fba70922224b4b5ca86720f6fc0c88a206f10f326d10aaaa0fe
Score: 10/10

- Disables Task Manager via registry modification
- Modifies Windows Firewall
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
- Drops desktop.ini file(s)
- Drops file in System32 directory