General
-
Target
af48e55bb79caba8acccaa8a9498874db7cbf46d3ed696e7b0ce32ad157abbc2.sample
-
Size
200KB
-
Sample
210726-28zq4w68bj
-
MD5
f5ae9882f079c34f21eb9649b6f79724
-
SHA1
78f92938f0f9e5f5e1470eeaea9841e8e53c3fda
-
SHA256
af48e55bb79caba8acccaa8a9498874db7cbf46d3ed696e7b0ce32ad157abbc2
-
SHA512
ca92229a2ad7234276cdb8aa8df1d1349560af47607660089bdeffcf53e06be52d2657887e85cbfc70ecf12d4782699eaa009f2b6c86f0c09af80a97481ee13c
Malware Config
Targets
-
-
Target
af48e55bb79caba8acccaa8a9498874db7cbf46d3ed696e7b0ce32ad157abbc2.sample
-
Size
200KB
-
MD5
f5ae9882f079c34f21eb9649b6f79724
-
SHA1
78f92938f0f9e5f5e1470eeaea9841e8e53c3fda
-
SHA256
af48e55bb79caba8acccaa8a9498874db7cbf46d3ed696e7b0ce32ad157abbc2
-
SHA512
ca92229a2ad7234276cdb8aa8df1d1349560af47607660089bdeffcf53e06be52d2657887e85cbfc70ecf12d4782699eaa009f2b6c86f0c09af80a97481ee13c
Score10/10-
suricata: ET MALWARE TorrentLocker DNS Lookup
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Suspicious use of SetThreadContext
-