General
-
Target
1.exe
-
Size
41KB
-
Sample
210511-fmzenacd6j
-
MD5
a14e07f7da701bd91108f988862a71a0
-
SHA1
bcbe67c6518e68d4056f10fe9191d2900d06190f
-
SHA256
bc32a2ccf158ebe2b76646be865a4c6dd91da6b8e5bb0dd9520102a9bfea5439
-
SHA512
06df2cd0ff26e8452cf139751f498db63d04a85f59a6ccf2e308c8c830fdd15c2dcdee9697e61a22da58c932e6f9440a134f1e6fff3d42d87f0ce97bf4a85442
Static task
static1
Behavioral task
behavioral1
Sample
1.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
1.exe
Resource
win10v20210410
Malware Config
Extracted
C:\\README.efaa031a.TXT
darkside
http://darksidedxcftmqa.onion/blog/article/id/6/dQDclB_6Kg-c-6fJesONyHoaKh9BtI8j9Wkw2inG8O72jWaOcKbrxMWbPfKrUbHC
http://darksidfqzcuhtk2.onion/K71D6P88YTX04R3ISCJZHMD5IYV55V9247QHJY0HJYUXX68H2P05XPRIR5SP2U68
Targets
-
-
Target
1.exe
-
Score
10/10
-
DarkSide
Targeted ransomware first seen in August 2020. Operators steal data to use as leverage.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-