General
Target: sisi.exe
Size: 846KB
Sample: 210409-hdh1spyvpj
MD5: 610729898144b1186e81e057b3abbf88
SHA1: 5bcb60a576b69259f75c2d43ea58493f651550c1
SHA256: 7b85a3f5315470c36ba4047a6c849284ff5d738796fcc9d61b8713f8955fa018
SHA512: fe5ac0b1684d55c5f9bb820ba02ff2e015c66cb3e8c08316ad2a03be95aa1c665d8c8f6e5effefc2362f015029fe41e0024344730fbd0e0c022d75b82b3c3691

Static task: static1

Behavioral task: behavioral1
Sample: sisi.exe
Resource: win7v20201028

Behavioral task: behavioral2
Sample: sisi.exe
Resource: win10v20201028

Malware Config
Targets
Target: sisi.exe
Score: 9/10

Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.

Modifies file permissions

Drops desktop.ini file(s)

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.