General
Target: load.ps1.zip
Size: 551KB
Sample: 210308-8pwb2c5gfn
MD5: a9c2df49e31a3d62c91d2cacfe4a7cd5
SHA1: 1add1f01a224e40c6c05b905e8162d3fe718e8eb
SHA256: 875473b38732ac69e3ebaaae4f6f4f3cb12534d4175de132c4eeeb97ba64d226
SHA512: d8222a62f1bcd0c6b9eb8f47946f85e2a73464f731cbb0c55360d823372ddfc54ce8d5a4a04dc283255117507c7acd416794d4bf4d41e0db53a1861fcd2170ea
Static task: static1
Behavioral task: behavioral1
Sample: load.ps1
Resource: win7v20201028
Behavioral task: behavioral2
Sample: load.ps1
Resource: win10v20201028
Malware Config
Targets
Target: load.ps1
Size: 1.4MB
MD5: 09a05a2212bd2c0fe0e2881401fbff17
SHA1: fbb6f8dae1753cd2a282ee161bc5496486cc06f7
SHA256: b41a303a4caa71fa260dd601a796033d8bfebcaa6bd9dfd7ad956fac5229a735
SHA512: 8d0dd3a7d6adaa690a3f7625a573b8c50cfa9d40fa17836b7e8ab8a10bfe67f4eaf0720cedda0c1d2986e7e70770a097ad8af2a9e24ccd595514a0384cbc275f
Score: 10/10
SunCrypt Ransomware: Family which threatens to leak data alongside encrypting files. Has claimed to be collaborating with the Maze ransomware group.
Blocklisted process makes network request
Drops desktop.ini file(s)
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.