General
-
Target
e5262db186c97bbe533f0a674b08ecdafa3798ea7bc17c705df526419c168b60.sample
-
Size
3.5MB
-
Sample
210726-yl3qkb5z1j
-
MD5
3d1cc4ef33bad0e39c757fce317ef82a
-
SHA1
f34e4b7080aa2ee5cfee2dac38ec0c306203b4ac
-
SHA256
e5262db186c97bbe533f0a674b08ecdafa3798ea7bc17c705df526419c168b60
-
SHA512
8294b31a0f12fdc583ec1df5b9e36dfbb53745588da517c8c7842b197f96190b3228c759604df60159265e0f384bae0042ccc63ee966e81dc59b89b934b94e5b
Static task
static1
Behavioral task
behavioral1
Sample
e5262db186c97bbe533f0a674b08ecdafa3798ea7bc17c705df526419c168b60.sample.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
e5262db186c97bbe533f0a674b08ecdafa3798ea7bc17c705df526419c168b60.sample.exe
Resource
win10v20210410
Malware Config
Extracted
C:\Users\Public\Desktop\Fix-Your-Files.txt
bapcocrypt@ctemplar.com
Targets
-
-
Target
e5262db186c97bbe533f0a674b08ecdafa3798ea7bc17c705df526419c168b60.sample
-
Size
3.5MB
-
MD5
3d1cc4ef33bad0e39c757fce317ef82a
-
SHA1
f34e4b7080aa2ee5cfee2dac38ec0c306203b4ac
-
SHA256
e5262db186c97bbe533f0a674b08ecdafa3798ea7bc17c705df526419c168b60
-
SHA512
8294b31a0f12fdc583ec1df5b9e36dfbb53745588da517c8c7842b197f96190b3228c759604df60159265e0f384bae0042ccc63ee966e81dc59b89b934b94e5b
Score10/10-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops desktop.ini file(s)
-