General
Target: 75768b049c2604de6db876b29e47e570baba75850cc322f1abe96331abfa975f
Size: 702KB
Sample: 210528-s1w3th9nen
MD5: a91ec7acf0d5902de0f7cb78bd2408d5
SHA1: cebd771eb44d932dff4197cdcd19f86f0003e9e9
SHA256: 75768b049c2604de6db876b29e47e570baba75850cc322f1abe96331abfa975f
SHA512: 02cac15f62be2e17367cc1c1dcc59d9e9571455ce79a46e289d1d4f04066da6267e1d435b6d3ff3e3f6d582b8ffec1197fe716928512cf1f13d96184c658cd3d
Static task: static1
Behavioral task: behavioral1
Sample: 75768b049c2604de6db876b29e47e570baba75850cc322f1abe96331abfa975f.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: 75768b049c2604de6db876b29e47e570baba75850cc322f1abe96331abfa975f.exe
Resource: win10v20210410
Malware Config
Extracted: C:\Users\Admin\Desktop\WnYM0_readme_.txt
Extracted: C:\Users\Admin\Downloads\WnYM0_readme_.txt
Extracted: C:\Users\Default\WnYM0_readme_.txt
Extracted: C:\odt\ABwzf_readme_.txt
Extracted: C:\Users\Admin\Documents\ABwzf_readme_.txt
Extracted: C:\Users\Admin\Favorites\ABwzf_readme_.txt
Extracted: C:\Users\Admin\Searches\ABwzf_readme_.txt
Targets
Score: 10/10

Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.

Drops desktop.ini file(s)

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.