Analysis
-
max time kernel
61s -
max time network
112s -
platform
windows10_x64 -
resource
win10v20210410 -
submitted
16-04-2021 01:16
General
-
Target
daossoft-rar-password-rescuer.exe
-
Size
3.2MB
-
MD5
b11ebc222d8e3ef1d307edab1f9d6912
-
SHA1
8408ca9375858485cd310ff376936025dc69f043
-
SHA256
7bec8fd7702e2d5e6c9b1a28f1233447c530db81bdfc960130cff97381595a42
-
SHA512
d66908e5a52979571985e29cde71766c235b53aae2658822cda2e2cbd7439e7dee62f307a8cce5583a424d9995772fb046b8df15b3b0588d2fceb1ed46d5f904
Score
10/10
Malware Config
Extracted
Path
C:\Program Files (x86)\Daossoft RAR Password Rescuer\DaossoftDictionary.txt
Family
ryuk
Ransom Note
ab
an
do
em
ge
go
ha
ho
im
in
jo
ju
ki
ko
ku
li
ma
na
no
oe
oh
ok
om
pu
ra
ro
sa
so
to
um
us
ye
yi
yu
aaa
aab
aac
aad
aae
aaf
aag
aai
aak
aal
aam
aan
aap
aar
aas
aau
aaw
aaz
aba
abb
abc
abd
abe
abf
abh
abi
abj
abk
abl
abm
abo
abp
abq
abr
abs
abt
abu
abv
abw
abx
aby
abz
aca
ace
acg
ach
aci
ack
aco
acr
acs
act
acu
acx
acy
ada
adb
add
ade
adg
adh
adi
adj
adl
adm
adn
ado
adp
adq
adr
ads
adt
adu
adv
adw
adx
ady
adz
aea
aeb
aed
aef
aeh
aei
aek
ael
aep
aes
aet
aev
aex
aey
aez
afa
afb
afd
afe
aff
afj
afl
afo
afp
aft
afu
afv
afx
aga
age
agg
agh
agi
agk
agm
ago
agr
agt
agu
agw
agx
agy
aha
ahc
ahe
ahg
ahi
ahk
ahl
ahm
ahn
aho
ahp
ahr
ahs
ahu
aia
aib
aic
aid
aig
aih
aik
ail
aim
ain
aio
aip
air
ais
ait
aiu
aix
aiy
aiz
aja
ajb
ajd
aje
ajf
ajg
ajh
aji
ajj
ajk
ajl
ajm
ajn
ajo
ajp
ajq
ajr
ajs
ajt
aju
ajv
ajw
ajx
ajy
ajz
aka
akc
akd
ake
akh
aki
akj
akk
akl
akn
ako
akr
aks
akt
aku
akv
akw
ala
alb
ald
ale
alf
alg
alh
ali
alk
all
alm
alo
alp
alq
als
alt
alu
alw
aly
alz
ama
amb
amc
amd
ame
amf
amg
ami
amk
amm
amn
amo
amp
amr
ams
amt
amy
ana
anb
anc
and
ane
anf
ang
anh
ani
anj
ank
anl
ann
ano
anp
anr
ans
ant
anv
anx
any
anz
aoa
aob
aoc
aod
aoh
aoi
aol
aon
aor
aos
apa
apc
ape
apf
aph
api
apo
app
aps
apt
apu
apy
aqb
aqh
aqi
aqq
aqr
aqu
ara
arb
arc
ard
are
arf
arg
arh
ari
arj
ark
arl
arm
arn
aro
arp
arq
arr
ars
art
aru
arv
arw
arx
ary
arz
asa
asb
asd
ase
ash
asi
ask
asn
aso
asp
ass
ast
asu
ata
ate
atf
atg
ath
ati
atk
atm
ato
atq
ats
att
atu
atw
aty
atz
aub
aud
aue
auf
aug
auh
auj
auk
aul
aum
aun
aur
aus
aut
auw
aux
auy
auz
ava
avb
avc
avd
ave
avf
avg
avh
avi
avj
avl
avn
avo
avp
avr
avs
avt
avu
avv
avy
avz
awa
awb
awe
awk
awl
awn
awo
aws
axa
axe
axl
axm
axp
axq
axt
axx
aya
ayb
ayc
ayd
aye
ayh
ayi
ayl
aym
ayn
ayo
ayp
ayr
ays
ayt
ayx
ayz
aza
azc
azd
aze
azf
azh
azi
azj
azl
azm
azo
azp
azq
azr
azt
azu
azv
azw
azx
azz
baa
bab
bac
bad
bae
bag
bah
bai
baj
bak
bal
bam
ban
bao
bap
bar
bas
bat
bau
baw
bax
bay
baz
b'b
bba
bbb
bbe
bbi
bbp
bbs
bby
b'c
bce
bch
bcj
bcp
bct
bda
bdb
bdc
bde
bdh
bdi
bdl
bdm
bdn
bdo
bdp
bdq
bdr
bds
bdv
bea
bec
bed
bee
beg
beh
bei
bej
bek
bel
bem
ben
beo
bep
ber
bes
bet
beu
bev
bew
bex
bey
bez
b'f
bfa
bfp
bgc
bgg
bgh
bgi
bgn
bgp
bgx
bgz
b'h
bhc
bhe
bhp
bhz
bia
bib
bic
bid
bie
bif
big
bij
bik
bil
bim
bin
bio
bip
bir
bis
bit
bix
biz
b'j
bjp
bjs
bkc
bke
bko
bks
bkt
bla
bld
ble
blg
blh
bli
blj
bll
bln
blo
bls
blu
blv
blw
blx
bly
bml
bmp
bmx
b'n
bnd
bnp
bnz
boa
bob
boc
bod
boe
bof
bog
boh
boi
boj
bok
bol
bom
bon
boo
bop
bor
bos
bot
bou
bov
bow
box
boy
boz
b'p
bpc
bpd
bpi
bps
b'q
bqe
bqi
bqp
b'r
bra
brb
bre
brg
brh
bri
brj
bro
brt
bru
bry
brz
bsb
bsg
bsh
bsn
bsp
bsq
bss
bta
btd
btf
bto
btp
btr
bts
btv
bty
btz
bua
bub
buc
bud
bue
buf
bug
buh
bui
buk
bul
bum
bun
buo
bup
bur
bus
but
buu
bux
buy
buz
b'v
bvk
bvs
b'w
bwp
bws
bwy
b'x
bxc
bxj
bxm
bxn
bxp
bxs
byc
byd
bye
byg
byh
byi
byj
byk
byl
bym
byn
byo
byp
bys
byw
b'z
bzp
c'a
cab
cac
cad
cae
caf
cag
cah
cai
caj
cak
cal
cam
can
cao
cap
car
cas
cat
cau
cav
caw
cax
cay
caz
c'b
cbb
cbd
cbi
cbk
cbl
cbr
cbt
cbu
cbx
cca
ccb
ccc
cci
ccm
ccn
ccq
ccr
ccs
ccu
ccy
cda
cdb
cdd
cde
cdh
cdi
cdl
cdn
cdo
cdq
cdr
cds
cdt
cdu
cdx
cea
cec
ced
cee
cef
ceh
cei
cej
cek
cel
cen
ceo
cep
cer
cey
c'f
cfl
cfn
cfp
cft
cgd
cgp
cha
chc
chd
che
chh
chi
chk
chl
cho
chp
chr
chs
cht
chu
chy
c'i
cia
cic
cid
cie
cig
cih
cij
cik
cil
cin
cio
cip
cir
cis
ciu
ciz
c'j
cjd
cjg
cjo
cjp
cjt
cju
cjx
cke
cki
ckp
cks
cky
cla
clb
cle
clf
clh
cli
clk
cll
clo
clp
cls
clu
clw
cly
clz
cmc
cmo
cmp
cms
cmt
cna
cnd
cnl
cnq
cnu
cnx
c'o
coa
cob
coc
coe
cof
cog
coh
coi
coj
cok
col
com
con
coo
cop
coq
cor
cos
cot
cou
cov
cow
cox
coy
coz
c'p
cpa
cpb
cpc
cpe
cpf
cph
cpj
cpk
cps
cpt
c'q
cqa
cqd
cqe
cqf
cqh
cqj
cqm
cqr
cqu
cqy
c'r
cre
crf
cri
cro
crp
crr
crs
cru
crx
cry
c's
csa
csh
csi
csp
csr
css
ctb
ctc
ctd
ctf
ctg
ctj
cto
ctr
ctu
ctw
ctz
cua
cub
cuc
cud
cue
cuf
cug
cuh
cui
cuk
cul
cum
cun
cup
cur
cus
cut
cux
cuy
cuz
c'v
cvb
cvc
cwi
cwr
cwx
c'x
cxb
cxg
cxn
cxp
cya
cyb
cyc
cye
cyh
cyk
cyl
cym
cyr
cys
cyu
cyz
cza
czb
czc
czh
czj
czp
d'a
daa
dab
dac
dad
dae
daf
dag
dah
dai
daj
dak
dal
dam
dan
dao
dap
dar
das
dat
dau
dav
daw
dax
day
daz
d'b
dbb
dbc
dbd
dbe
dbf
dbg
dbh
dbi
dbj
dbk
dbl
dbm
dbn
dbo
dbp
dbq
dbt
dbu
dbw
dbx
dby
dca
dcb
dcc
dcd
dce
dcf
dcg
dci
dcj
dck
dcl
dcn
dcr
dct
dcw
d'd
ddb
ddc
ddd
dde
ddf
ddg
ddh
ddi
ddj
ddk
ddl
al
cy
di
ed
em
jo
mo
oz
ty
vi
abe
ace
ada
alf
ami
amy
ann
arn
art
ash
ava
bea
bee
ben
bev
bob
bud
cal
cam
dan
dax
deb
dee
den
des
dom
don
dot
dre
eli
ely
ern
eva
eve
fae
fay
flo
fox
gae
gay
gib
gil
gus
guy
hal
ian
ida
ike
ina
ira
ivy
jae
jan
jay
jeb
jed
jem
jen
jep
jim
joe
joi
jon
joy
kae
kam
kat
kay
ken
kev
kim
kip
kit
kym
laz
lee
len
leo
les
lex
liz
lon
lou
mae
mat
max
may
meg
mel
mia
moe
mya
nan
nat
ned
nic
oli
ora
pam
pat
peg
pen
pip
pru
rae
ray
red
reg
rex
rob
rod
ron
ros
roy
roz
rue
sal
sam
sky
sly
ste
stu
sue
syd
tad
ted
tel
tex
tia
tim
tod
tom
tye
val
van
vic
vin
wat
wil
zac
zak
zed
zoe
abbi
abby
abel
adam
addy
aden
alan
alea
alec
alex
ally
alma
alva
alys
alyx
amie
amos
andi
andy
anna
anne
aria
aric
arin
asia
aura
avis
babs
barb
bart
beau
benj
bert
bess
beth
biff
bill
brad
bram
bret
buck
burt
cade
cale
cara
cari
carl
cary
cash
cass
cate
chad
chas
chaz
cher
chet
chip
clay
clem
cleo
coby
cody
cole
cora
cori
cory
coty
cree
curt
cyan
dale
daly
dana
dane
dani
dave
davy
dawn
dean
debi
dell
dena
dene
deon
dick
dina
dion
dirk
dona
dora
dory
doug
drea
drew
duke
dyan
earl
ebba
eben
eddy
eden
edie
edna
elea
ella
elle
elly
elmo
elsa
emil
emma
emmy
eric
erik
erin
erle
erma
eryn
esta
etta
eula
evan
evie
ezra
fawn
faye
fern
fitz
ford
fran
fred
fulk
gabe
gage
gail
gale
gary
gaye
gena
gene
gill
gina
glen
gord
gore
gray
greg
grey
gwen
hale
hall
hamo
hank
haze
herb
hope
hoyt
huey
hugh
hugo
iggy
iona
ione
iris
irma
issy
ivan
ivor
izzy
jaci
jack
jada
jade
jake
jaki
jami
jane
jaye
jean
jeff
jena
jeni
jenn
jere
jeri
jess
jett
jill
jimi
joan
joby
jodi
jody
joel
joey
john
jojo
joni
josh
joss
joye
judd
jude
judi
judy
july
june
kade
kara
karl
kate
katy
kaye
keir
kemp
kent
keri
kerr
kian
kiki
king
kira
kirk
knox
kody
kole
kori
kory
kris
kyla
kyle
kyra
lacy
lake
lana
lane
lara
lark
leah
lela
lena
leon
leta
levi
lexa
lexi
lexy
lily
lina
lisa
lise
lita
liza
lois
lola
lora
alyse
amber
amery
amias
amity
amyas
andie
andra
andre
angel
angie
angus
anima
anise
anita
annie
annis
anona
ansel
anson
april
arden
ariel
arlen
arlie
arnie
arron
arvel
asher
aspen
aston
astor
astra
audie
audra
avery
avice
avila
avril
aydan
ayden
azura
azure
bambi
barry
basil
becca
becci
becka
becky
bekki
bella
belle
benji
benjy
benny
berry
beryl
betsy
bette
betty
bevis
biddy
billy
bindy
blair
blake
blaze
bobbi
bobby
boyce
brady
brand
brant
brent
brett
brian
briar
brice
brion
brock
brody
brook
bruce
bryan
bryce
brynn
bryon
buddy
buffy
bunny
burke
byrne
byron
caden
cairo
caleb
calla
candi
candy
caren
carey
caris
carla
carly
carol
carry
caryl
caryn
casey
cathy
ceara
cecil
cedar
celia
chase
cheri
chile
china
chloe
chris
chuck
chyna
ciara
ciera
cindi
cindy
cissy
clair
clara
clare
clark
claud
cleve
cliff
clint
clive
clyde
codie
colby
colin
conor
coral
corey
corie
cosmo
craig
cyndi
cyril
cyrus
dacre
daisy
daley
dalia
damon
danni
danny
darby
darcy
daren
daria
darin
darla
daryl
davey
david
davie
davin
davis
dayna
deana
debbi
debby
debra
deena
deion
delia
della
delma
delta
denis
denny
derby
derek
detta
devan
deven
devin
devon
devyn
diana
diane
diann
digby
dinah
dione
dixie
dixon
docia
dodie
dolly
dolph
donna
donny
doria
doris
dotty
drake
dreda
drina
drogo
duana
duane
dusty
dwain
dylan
dyson
earle
ebony
eddie
edgar
edith
edric
edwin
edwyn
effie
eldon
elias
elihu
eliot
elisa
elise
eliza
ellen
ellie
ellis
elmer
elroy
elsie
elton
elvin
elvis
elwin
elwyn
elyse
emely
emery
emily
emmet
emmie
emory
enola
eppie
erica
erick
erika
ernie
errol
essie
ethan
ethel
ettie
evvie
ewart
faith
fancy
fanny
faron
felix
femie
ferdy
ferne
fleur
flick
flora
floyd
dc
di
dj
do
eb
ed
ee
em
eo
fm
fu
io
it
jd
jj
jo
jp
jr
jt
ki
kp
ku
ma
mc
mo
mu
no
og
ox
oy
oz
pc
pi
pj
py
ra
rj
ro
sv
sy
tc
tu
tv
ty
uh
vi
xl
xo
xs
yo
abc
abe
abi
abs
abu
aby
ace
ada
ahi
air
aja
aki
aku
ale
alf
ali
ama
ami
amy
ana
ani
ann
aoi
ape
apu
arf
ari
art
ash
ava
awk
axl
aye
bag
bam
bas
bat
bay
baz
bea
ben
big
bis
bit
blt
blu
boa
bob
boi
boo
bor
boy
boz
bro
bub
bud
bug
bum
cab
cad
cal
cat
chi
cid
coo
cop
cow
cub
cue
cyd
dab
dag
dak
dan
dar
dax
dba
dbx
dea
deb
dee
del
den
dew
dez
dio
dix
diz
doc
dog
dom
don
doo
dot
dua
dun
ebi
ebs
edo
edy
ego
eh?
ekg
eko
ela
elf
eli
emi
emo
emu
ese
esp
eva
eve
fax
fay
fdr
feo
fez
fig
flo
fly
fog
foo
fos
fox
fum
fur
fyi
gag
gam
gay
gee
gem
gex
gib
gin
gob
gus
guy
haj
hal
ham
hap
hay
hex
osborne
osceola
oshkosh
osirira
osmosis
ostrich
othello
ottomar
outtake
owas-sa
pacific
packcat
packrat
pacorro
paddles
padfoot
padlock
padrino
pahlavi
painter
paintor
paisley
paladin
palermo
palmate
palooka
paloosa
pan-pan
panacea
panache
pancake
pandita
pandora
pankake
pantera
panther
panthro
paolina
papilla
papoose
paprika
papyrus
paquito
parable
paragon
paramon
parkway
parnell
parsley
parsnip
partner
pascale
pashmak
passion
passive
passura
pasteur
patchee
patches
pathina
patient
patoche
patrice
patrick
patriot
paulann
paulina
pauline
paulino
paulita
pavlova
paw-bot
pawlina
pawline
pawsome
peaball
peabody
peaches
peachie
peanuts
pebbles
peddler
pee wee
peep-bo
peepers
peevies
pegasus
pelagea
pelican
penguin
peppino
peppurr
pequena
percent
perdita
perdito
peritar
perkins
peronel
perseus
perzazz
pescame
petinka
petrice
petrina
petrona
petulia
petunia
peugeot
pfeffer
phaedra
phantom
pharaoh
pharoah
pheonix
phibsie
phil ii
philbob
phineas
phoenix
phurson
phyllis
picasso
piccilu
piccolo
pickett
pickles
pieball
pierrot
piffles
pigasus
pigfoot
pigment
pikaboo
pikachu
pikachy
pilgrim
pimpsta
pinenut
pinhead
pinkish
pinkney
pioneer
piranha
pitiful
pititsa
piwaket
pizzazz
placebo
plastic
platoon
playboy
playful
pleades
plowboy
plumber
poacher
pointer
pokanos
pokemon
pokipsy
polaris
polifax
politix
pollack
pollina
pom-pom
ponkles
poo-poo
poochie
pooders
pookers
pookner
poolena
poopsie
pooshka
popcorn
popover
poppela
poppett
poppins
popples
poptart
porsche
portnoy
postcar
postman
potluck
pottier
pouncer
pounter
prancer
preemie
premier
preppie
presley
preston
pretzel
prickle
primula
printer
prisila
private
procyon
prodigy
progidy
promise
prowler
prrzetz
puccini
puchtka
pudding
puddles
puddnum
pugnose
pugsley
pumpkin
puppers
purcell
purrbox
purrdie
purrzie
pursula
pushkin
pusscat
pussita
pusskin
pussums
puzzles
pyanfar
pywacki
qiturah
quacker
quantas
quantum
quanyin
quarter
queenie
quennel
quentin
querida
questor
quetzal
quibble
quiches
quicken
quickie
quigley
quillan
quinley
quinlin
quintin
quit it
quixote
quizzie
r2catd2
raccoon
raceway
radburn
radinka
rafaela
rafajia
raffles
ragdoll
raggedy
raggles
ragtime
ragweed
rah rah
railway
rainbow
raleigh
ralphie
ralston
ramadan
rambler
rameesh
rameses
ramirez
rampart
randall
raphael
rapture
rat-boy
ratatat
ratchet
rattail
rattler
rattles
ravenna
ravioli
rawhide
ray man
rayburn
raylene
raymond
razilee
reactor
rebecah
rebecca
rebekah
rebeque
rebound
recycle
redbone
redford
redfurr
redgent
redhead
redline
redmond
redneck
redrose
redwood
reebuls
regulus
renauld
renault
renelle
renovia
requiem
rescued
rescuer
resigne
retread
reuters
revekka
reynold
rheilly
rhianna
rhubarb
rhubard
ribbons
ricardo
richard
richmal
richter
rickles
ricotta
riddler
riddles
rimbaud
rin rin
riptide
ritalin
rob roy
roberta
robinia
robocat
rodesia
rodrigo
rodster
roedtop
rolaids
rolande
romaine
romance
romulus
ronaldo
rondeau
rooikat
rooster
rosalyn
rosanna
rosario
rosebud
rosheen
rossini
route 3
roxanna
roxanne
roxette
roxysan
rozalia
rudbert
rudolph
rudyard
ruffian
ruffles
rug rat
ruggles
rum tum
rumball
rumbles
rumhead
rumples
runaway
ruppert
rusafee
russell
russian
rustler
ruthine
s'kitty
s'mores
sabaean
sabbaee
sabbath
sabella
sabriel
sabrina
sacchan
sachiko
sackett
saffron
sagitta
sakarja
salazar
salerno
salt ii
sam cat
samarra
samatha
sambuca
sambuka
samitha
samoset
sampras
sampson
samurai
samwise
san soo
sanborn
sandeep
sanders
sandler
sandman
sangria
sanibel
santana
santini
sarazen
sargent
sarnoff
sashimi
sassoon
satchel
satchmo
saucers
sausage
sauvage
savalas
savanah
savanna
savvers
scallop
scamper
scandal
scardey
scaredy
scarlet
scatter
schatze
schmedl
schmidt
schnook
schnooz
schuler
schultz
schuman
scissor
scoobie
scooter
scorpio
scottie
scrappy
scratch
scrawny
beraal
berber
bergen
berlin
bernie
bertha
bertie
bessie
betsie
beulah
bianca
bianco
bibble
biffin
bigboy
bigger
bigguy
bigmac
bigred
bigwig
billie
billow
bilqna
bimini
binbin
bintje
binzer
bionic
bipsey
bishop
bisket
bisque
bister
bistro
bitney
bitsey
bixler
bizkit
blacky
blaise
blanca
blaxie
bleach
bleary
blight
blimpy
blinky
blosom
blotch
blotto
bobbie
bobbin
bobbos
bobcat
bobsey
bodeer
boffin
bogart
bohboh
boiler
boingo
bolero
bollox
bomart
bomber
bommel
bonbon
bondie
boneta
bongie
bonita
bonnie
bonsai
bonzai
boober
booboo
boodle
boofer
boogee
booger
boogie
booker
bookie
boolee
boomer
bootes
bootsy
boozer
bopper
border
borgia
borris
bosley
boston
botham
boubie
boulis
bounce
bounty
bovine
bowser
bowtie
boysie
brahms
brains
braise
braley
brandi
brando
brandy
brassy
brawny
breezy
bremen
brenda
brenna
bridge
bridie
bright
brilla
brillo
brindi
brinks
brioni
brocky
brodie
broker
bronco
bronte
bronze
brooke
brooks
brumas
brutis
brutus
bryant
bubbie
bubble
bubkas
bucket
buckle
buddha
budroe
budrow
buffet
buffie
buford
bugger
buglet
bullet
bumble
bumper
bundah
bundle
bungee
bungie
bungle
bunifa
bunkie
bunkin
bunsen
bunter
bunyan
burger
burlap
burton
buster
butkus
butler
butter
button
buxton
buzzie
byblos
bytops
c'mell
c'mere
c-unit
c.a.t.
c.b.s.
c.e.o.
cabana
cabbie
cacity
caddie
cadeca
caelin
caesar
caeser
cagney
caicos
caisan
calaco
calder
calico
callah
callas
callie
calvin
camaro
camber
camden
camera
camiko
camile
camisa
cammie
camper
canaan
c
Signatures
-
Ryuk
Ransomware distributed via existing botnets, often Trickbot or Emotet.
-
Executes dropped EXE 1 IoCs
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL 2 IoCs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in Program Files directory 19 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SendNotifyMessage 1 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\daossoft-rar-password-rescuer.exe"C:\Users\Admin\AppData\Local\Temp\daossoft-rar-password-rescuer.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
-
C:\Program Files (x86)\Daossoft RAR Password Rescuer\RARPasswordRescuer.exe"C:\Program Files (x86)\Daossoft RAR Password Rescuer\RARPasswordRescuer.exe"1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx