General
Target: c7d6719bbfb5baaadda498bf5ef49a3ada1d795b9ae4709074b0e3976968741e.sample
Size: 179KB
Sample: 210726-c6lbc7wf7j
MD5: 8e4a887acab5f9475c5fa9a26fb9e720
SHA1: 3294a12a583d2634f6e3d1232052dfe0cd51a44a
SHA256: c7d6719bbfb5baaadda498bf5ef49a3ada1d795b9ae4709074b0e3976968741e
SHA512: 56978ab3cb8172239da8742ebe41ef099bb9e1b58e23956a82bf495d7cc94c00a6067ecff5c441c2e9654abfe928ae5a81b57e19f3a80ac945a7780f92b39ff3
Static task: static1
Behavioral task: behavioral1
Sample: c7d6719bbfb5baaadda498bf5ef49a3ada1d795b9ae4709074b0e3976968741e.sample.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: c7d6719bbfb5baaadda498bf5ef49a3ada1d795b9ae4709074b0e3976968741e.sample.exe
Resource: win10v20210410
Malware Config
Extracted
C:\MSOCache\read_me_lkdtt.txt
http://6x7dp6h3w6q3ugjv4yv5gycj3femb24kysgry5b44hhgfwc5ml5qrdad.onion/030492044ded20e85096d439f92bc1d1f02d647c189459977d1e43aca3090a69
Targets
Target
c7d6719bbfb5baaadda498bf5ef49a3ada1d795b9ae4709074b0e3976968741e.sample
Score: 10/10
HelloKitty Ransomware
Ransomware family that has been active since late 2020; in early 2021 a variant compromised the CD Projekt Red game studio.
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Deletes itself