Extracted

• • Target

    MOSS.exe

  • Size

    190KB

  • MD5

    b1d5ffd0e1e56f056f429b9b96be08e3

  • SHA1

    46a09183d478f0ee9f5322e32ab38cbb0cdf444b

  • SHA256

    d29b8160e51dd29474f3464111fc888da8adb2bc2f0d4f29ce71219ffc846bd5

  • SHA512

    4c23dd6914234db4718569175722c5b8c7b65348a77504c9fcf6ff62a9088ac6643e3be875afd5546cec3d7ff188ab4e7457fd796ac964e8e1d72c2bfa74fa5c

  Score

  10^/10

  contiransomwarespywarestealer

  • Conti Ransomware

    Ransomware generally thought to be a successor to Ryuk.

    ransomwareconti

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Drops desktop.ini file(s)

  behavioral1behavioral2