33352a38454cfc247bc7465bf177f5f97d7fd0bd220103d4422c8ec45b4d3d0e

General

Target

cubaransomware.exe
Size

160KB
Sample

210506-y8thtdqm5x
MD5

d8fd19fef4605b4217cb2546c470a918
SHA1

79786955d426945054e6d02050b8f9ada01e39ef
SHA256

33352a38454cfc247bc7465bf177f5f97d7fd0bd220103d4422c8ec45b4d3d0e
SHA512

903a230ca10b445e77057affec44d40160b6606e28ab5d734a8a6434948bf6a51b264a4505451412c0dee63b56cf44d50096e71db3c8d579eb63f9b6bd4465f4

Score

10^/10

ransomware

Malware Config

Extracted

Path

\??\Volume{efb60be4-9a04-11eb-be03-806e6f6e6963}\Program Files\7-Zip\Lang\!!FAQ for Decryption!!.txt

Ransom Note

Good day. All your files are encrypted. For decryption contact us. Write here helpadmin2@protonmail.com reserve helpadmin2@cock.li We also inform that your databases, ftp server and file server were downloaded by us to our servers. * Do not rename encrypted files. * Do not try to decrypt your data using third party software, it may cause permanent data loss. * Do not stop process of encryption, because partial encryption cannot be decrypted.

Emails

helpadmin2@protonmail.com

helpadmin2@cock.li

Targets

- Target
  
  cubaransomware.exe
- Size
  
  160KB
- MD5
  
  d8fd19fef4605b4217cb2546c470a918
- SHA1
  
  79786955d426945054e6d02050b8f9ada01e39ef
- SHA256
  
  33352a38454cfc247bc7465bf177f5f97d7fd0bd220103d4422c8ec45b4d3d0e
- SHA512
  
  903a230ca10b445e77057affec44d40160b6606e28ab5d734a8a6434948bf6a51b264a4505451412c0dee63b56cf44d50096e71db3c8d579eb63f9b6bd4465f4
Score

10^/10

ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2