General
-
Target
15e8c986c4602c61a474b51d250e03d5bb178eabc8c5a82a242c1a0fa2227704.sample
-
Size
152KB
-
Sample
210726-p71nqp5vej
-
MD5
3c701aa97f42c4861ea2c371d6f7e32f
-
SHA1
870823725625a440013533a4763f1a21d85005f2
-
SHA256
15e8c986c4602c61a474b51d250e03d5bb178eabc8c5a82a242c1a0fa2227704
-
SHA512
d4089284784cd8d8821a6d8e08b781131dac38a046e3ae0db3fc3fa4e6c69b8b53fb9f06ca3551d27b452de3190eafc48a5cd74c4250bb5f03f648904a4af82f
Static task
static1
Behavioral task
behavioral1
Sample
15e8c986c4602c61a474b51d250e03d5bb178eabc8c5a82a242c1a0fa2227704.sample.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
15e8c986c4602c61a474b51d250e03d5bb178eabc8c5a82a242c1a0fa2227704.sample.exe
Resource
win10v20210408
Malware Config
Targets
-
-
Target
15e8c986c4602c61a474b51d250e03d5bb178eabc8c5a82a242c1a0fa2227704.sample
Score
8/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-