General
-
Target
cd19340138f9eab48d20b3bf0a9dc6b4a6908d14cd48511ccefd6dba9e84705f
-
Size
1.3MB
-
Sample
210429-xymx5kn4qa
-
MD5
0e64acab6fb3d50aaebc17e6dfb2d289
-
SHA1
c5c672a4a8ebae04cf7471c56136dce58ccd88f0
-
SHA256
cd19340138f9eab48d20b3bf0a9dc6b4a6908d14cd48511ccefd6dba9e84705f
-
SHA512
e797d31d7355d1f222a444fa934599582ffd9593185668382b9ad05ade1086d152f342305fb1b734a4cc0f691b2b4ba70fd8f183f77aa3f6f775a470fb4e7013
Static task
static1
Behavioral task
behavioral1
Sample
cd19340138f9eab48d20b3bf0a9dc6b4a6908d14cd48511ccefd6dba9e84705f.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
cd19340138f9eab48d20b3bf0a9dc6b4a6908d14cd48511ccefd6dba9e84705f.exe
Resource
win10v20210410
Malware Config
Targets
Target
cd19340138f9eab48d20b3bf0a9dc6b4a6908d14cd48511ccefd6dba9e84705f
-
Drops file in Drivers directory
-
Modifies Windows Firewall
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-