General
-
Target
adc9137cf2906e36ac9e6bbeff3faed0219bbde512064b6251b62cfe37812cb1
-
Size
1.4MB
-
Sample
210619-qvt4sqymdx
-
MD5
4fa5fd0b35ba44e25b87747c1ba710f6
-
SHA1
dcbcb67d4723312f274627a2a22861f759d032a1
-
SHA256
adc9137cf2906e36ac9e6bbeff3faed0219bbde512064b6251b62cfe37812cb1
-
SHA512
d0f87394722e6f842e74a117f77e4cb579418bec18ece2efbd6feb4bee6facb0bb69d2153fb6c70b4584b389eee77f15c0f561f21b26e08c421fe727b56b7d13
Malware Config
Targets
-
-
Target
adc9137cf2906e36ac9e6bbeff3faed0219bbde512064b6251b62cfe37812cb1
-
Size
1.4MB
-
MD5
4fa5fd0b35ba44e25b87747c1ba710f6
-
SHA1
dcbcb67d4723312f274627a2a22861f759d032a1
-
SHA256
adc9137cf2906e36ac9e6bbeff3faed0219bbde512064b6251b62cfe37812cb1
-
SHA512
d0f87394722e6f842e74a117f77e4cb579418bec18ece2efbd6feb4bee6facb0bb69d2153fb6c70b4584b389eee77f15c0f561f21b26e08c421fe727b56b7d13
Score10/10-
DMA Locker
Ransomware family with some advanced features, like encryption of unmapped network shares.
-
HawkEye
HawkEye is a malware kit that has seen continuous development since at least 2013.
-
Locky
Ransomware strain released in 2016, with advanced features like anti-analysis.
-
Locky (Osiris variant)
Variant of the Locky ransomware seen in the wild since early 2017.
-
Modifies system executable filetype association
-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Adds policy Run key to start application
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Drops startup file
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-