General
Target: 68ea179770a48ab47976303c9b6db79df2a5213b505fa913201ee6ceabf63a76
Size: 115KB
Sample: 210411-dgxxcdsemn
MD5: 5a73d01f81ff11ec92dbc2233c05e15f
SHA1: 1a05f691f72406155136ecfdf5ddee8e9bfa20ce
SHA256: 68ea179770a48ab47976303c9b6db79df2a5213b505fa913201ee6ceabf63a76
SHA512: b58097ddc44ef98d7db107634c1fc8db18b0e1828096e8304aa5864bc14fda3fdc82d69c631c8af39cfbc32a23d6795b3a9d4b717f99860fa7b6bb048fcaecf1
Static task: static1
Behavioral task: behavioral1
  Sample: 68ea179770a48ab47976303c9b6db79df2a5213b505fa913201ee6ceabf63a76.exe
  Resource: win7v20201028
Behavioral task: behavioral2
  Sample: 68ea179770a48ab47976303c9b6db79df2a5213b505fa913201ee6ceabf63a76.exe
  Resource: win10v20201028
Malware Config
Extracted
C:\Users\Admin\Desktop\DecryptGuide.txt
ha7medtit@tutanota.com
araujosantos@protonmail.com
Targets
Target: 68ea179770a48ab47976303c9b6db79df2a5213b505fa913201ee6ceabf63a76
Score: 10/10

Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.

Drops desktop.ini file(s)