General
-
Target
033f4aaa2ca181597644ae7d2f883e05c2d9eea669f71117a312cfd591303c4b.bin.sample
-
Size
1020KB
-
Sample
210416-xmdbnj2h4s
-
MD5
c250e298e0a349e8d1faeb5ba6f4a853
-
SHA1
71b774aa592ba435eb8260d6f16e36b67c51babe
-
SHA256
033f4aaa2ca181597644ae7d2f883e05c2d9eea669f71117a312cfd591303c4b
-
SHA512
700a09e44e9d2fd092904886e882e8deb5a6d17d34be8575df6367ef729627a180ee62ea59df6457d965fccbe27809895ca83e1e3b8b7e888f752173eba1cbe1
Static task
static1
Behavioral task
behavioral1
Sample
033f4aaa2ca181597644ae7d2f883e05c2d9eea669f71117a312cfd591303c4b.bin.sample.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
033f4aaa2ca181597644ae7d2f883e05c2d9eea669f71117a312cfd591303c4b.bin.sample.exe
Resource
win10v20210410
Malware Config
Targets
-
-
Target
033f4aaa2ca181597644ae7d2f883e05c2d9eea669f71117a312cfd591303c4b.bin.sample
Score
10/10
-
Avaddon
Ransomware-as-a-service first released in June 2020 and currently expanding its userbase among criminal actors.
-
Avaddon Ransomware
-
Executes dropped EXE
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-