General
-
Target
1ba9ef8703b10a0f158636a138b120835e9588c21ec2e78be898afcae54b0142
-
Size
919KB
-
Sample
210411-644wb29rwa
-
MD5
2716659c3b1e8927dcb2e418e99b1ea5
-
SHA1
0428a2ead08f005f3c90a493e10207322d8a429b
-
SHA256
1ba9ef8703b10a0f158636a138b120835e9588c21ec2e78be898afcae54b0142
-
SHA512
db25a1d046f6e83b3d7ba1d6205b04de6f74581837f0d293f6f9983975c8bad2b8cc53e956454ab8528f3350bba3abe04032c3b6b1c1a0c0c844d40f9b957b64
Static task
static1
Behavioral task
behavioral1
Sample
1ba9ef8703b10a0f158636a138b120835e9588c21ec2e78be898afcae54b0142.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
1ba9ef8703b10a0f158636a138b120835e9588c21ec2e78be898afcae54b0142.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
1ba9ef8703b10a0f158636a138b120835e9588c21ec2e78be898afcae54b0142
-
Size
919KB
-
MD5
2716659c3b1e8927dcb2e418e99b1ea5
-
SHA1
0428a2ead08f005f3c90a493e10207322d8a429b
-
SHA256
1ba9ef8703b10a0f158636a138b120835e9588c21ec2e78be898afcae54b0142
-
SHA512
db25a1d046f6e83b3d7ba1d6205b04de6f74581837f0d293f6f9983975c8bad2b8cc53e956454ab8528f3350bba3abe04032c3b6b1c1a0c0c844d40f9b957b64
Score9/10-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-