General
-
Target
ef4b415bb072513156c8c532227da239c43ac4e4076725e4f33303d74ddcf2b9.sample
-
Size
111KB
-
Sample
210726-xqs9majbgj
-
MD5
53c9609bc674d1ebc4de2d8954691a95
-
SHA1
44304bd96f6e5acf620429430b124e63cdd05faa
-
SHA256
ef4b415bb072513156c8c532227da239c43ac4e4076725e4f33303d74ddcf2b9
-
SHA512
390f0afabdeb486098adae9a04bf35e644ce32f62036ef80521f387c9d413c99a9a0876b68f5aae5737cdb478fc01e8c650da43efecc67f776aec14ad1f6cae3
Static task
static1
Behavioral task
behavioral1
Sample
ef4b415bb072513156c8c532227da239c43ac4e4076725e4f33303d74ddcf2b9.sample.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
ef4b415bb072513156c8c532227da239c43ac4e4076725e4f33303d74ddcf2b9.sample.exe
Resource
win10v20210410
Malware Config
Targets
-
Target
ef4b415bb072513156c8c532227da239c43ac4e4076725e4f33303d74ddcf2b9.sample
Score
9/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-