General
-
Target
918cc7b13539fa40464b0f6109d62c7092d3c6bf57f4dfddd2e0e20eeac6e838
-
Size
402KB
-
Sample
210727-vzj578st4n
-
MD5
577bc98ed6308f96a27ff156f304a125
-
SHA1
b19d7b107e980dbba50c6a2d99c9aeadc257e48f
-
SHA256
918cc7b13539fa40464b0f6109d62c7092d3c6bf57f4dfddd2e0e20eeac6e838
-
SHA512
83512f274fdfb71bdb7898d97eb77085b1da3f785d59f9790b6cdcdaf13cdc8e582731434a67fafea1651b1dde75957ca8896a058d73bbe6e1a35ad31f7b624b
Static task
static1
Behavioral task
behavioral1
Sample
918cc7b13539fa40464b0f6109d62c7092d3c6bf57f4dfddd2e0e20eeac6e838.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
918cc7b13539fa40464b0f6109d62c7092d3c6bf57f4dfddd2e0e20eeac6e838.exe
Resource
win10v20210408
Malware Config
Extracted
C:\$Recycle.Bin\GET_YOUR_FILES_BACK.txt
http://avos2fuj6olp6x36.onion
http://avos53nnmi4u6amh.onion/
Targets
-
Target
918cc7b13539fa40464b0f6109d62c7092d3c6bf57f4dfddd2e0e20eeac6e838
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-