General
Target: rw2.exe
Size: 8.8MB
Sample: 210812-e2vccbsb6x
MD5: 8153d7448499d6c92ec77e4b18806631
SHA1: 3b14d25336d9bc90ad5c7f71a70302c079e08e9f
SHA256: a0f0323b47c33182225625a6d21afe22082738edde97049229d1202758c3e62c
SHA512: 067691f8acc3cc55d6d20dd215ae7ac9d1b89bafe81ec89ee121de691265205370c2fbb724bcd15c0a8096f2b888ca77c6e5d50cff72e5a6e70809f6f04aa0e9
Static task: static1
Behavioral task: behavioral1
Sample: rw2.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: rw2.exe
Resource: win10v20210410
Malware Config
Extracted
C:\Users\Admin\AppData\Local\Temp\RANSOM_NOTE.txt
GetYourFilesBack@protonmail.com
Targets
Target: rw2.exe
Score: 10/10
Loads dropped DLL