General
-
Target
12ee27f56ec8a2a3eb2fe69179be3f7a7193ce2b92963ad33356ed299f7ed975.sample
-
Size
59KB
-
Sample
210726-acfa79lw22
-
MD5
c830512579b0e08f40bc1791fc10c582
-
SHA1
2fc8514367d4799d90311b1b1f277b3fca5ca731
-
SHA256
12ee27f56ec8a2a3eb2fe69179be3f7a7193ce2b92963ad33356ed299f7ed975
-
SHA512
b8e7dc2b26ff00c43dae3e5ceb2b241bc7211c52fba167f1dfd81b285461fd53668953ede798a5f4fd1c587ee9861c2ca0fd034a958428dd3d9f5177c61b5ca3
Static task
static1
Behavioral task
behavioral1
Sample
12ee27f56ec8a2a3eb2fe69179be3f7a7193ce2b92963ad33356ed299f7ed975.sample.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
12ee27f56ec8a2a3eb2fe69179be3f7a7193ce2b92963ad33356ed299f7ed975.sample.exe
Resource
win10v20210408
Malware Config
Extracted
C:\\README.341d6443.TXT
darkside
http://darksidedxcftmqa.onion/DWMRLAW/N9N6W7_4EpBFAgHXuDGQwpXTQSpdXdKqYN_rPUXHIsXGkuZCNNHvRC8amaoegEAh
http://darksidfqzcuhtk2.onion/WKWM6ZXNBVAFW62I1RTLLD4A82OO2O7NBOKLF05CRB4BD06IRBQ0MFA9ZFAKDZH2
Targets
-
-
Target
12ee27f56ec8a2a3eb2fe69179be3f7a7193ce2b92963ad33356ed299f7ed975.sample
-
Score
10/10
-
DarkSide
Targeted ransomware first seen in August 2020. Operators steal data to use as leverage.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Sets desktop wallpaper using registry
-