Extracted

Extracted

• • Target

    e1.bin

  • Size

    128KB

  • MD5

    d687eb9fea18e6836bd572b2d180b144

  • SHA1

    0e7f076d59ab24ab04200415cb35037c619d0bae

  • SHA256

    863e4557e550dd89e5ca0e43c57a3fc1889145c76ec9787e97f76e959fc8e1e1

  • SHA512

    16aed099d7d1131facb76591176566a9de9a140948f467b7a43d7518215ce24490956b0996d0f7638cf0d313947f12d91d145ebe4d584779e119707d59463684

  Score

  10^/10

  evasionransomware

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomware

  • Modifies boot configuration data using bcdedit

    ransomwareevasion

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Deletes itself

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2