General
Target: avslker_97820cf8de59555d2d333ac724c6a72c610b8c537f35139ebb1a5a362e68f789
Size: 402KB
Sample: 210726-mfxzp75xxs
MD5: 208c45f500c299bc4ebd80d1e230cc41
SHA1: 1c0b42efd324cab1625423b5634ee4b67ad62ac5
SHA256: 97820cf8de59555d2d333ac724c6a72c610b8c537f35139ebb1a5a362e68f789
SHA512: d34d6ffcb4751f0a5391fd08cd6c78ceb6bdcc9c4346b28cd8c0e00a1ab810e1990dd752b70852aaed73738c888e6d0d73485c1e58582e8d0aedc106551e2637
Static task: static1
Behavioral task: behavioral1
Sample: avslker_97820cf8de59555d2d333ac724c6a72c610b8c537f35139ebb1a5a362e68f789.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: avslker_97820cf8de59555d2d333ac724c6a72c610b8c537f35139ebb1a5a362e68f789.exe
Resource: win10v20210408
Malware Config
Extracted
C:\$Recycle.Bin\GET_YOUR_FILES_BACK.txt
http://avos2fuj6olp6x36.onion
http://avos53nnmi4u6amh.onion/
Targets
Target: avslker_97820cf8de59555d2d333ac724c6a72c610b8c537f35139ebb1a5a362e68f789
Score: 10/10
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.