d38fd7b985618045a015257f76b115ad1c751ad9d8003d9c41af6f9fa8d7c918

General

Target

Walletconnect.exe
Size

21.0MB
Sample

210814-nsymr7z8ms
MD5

078265af9fd10064a23cac405a144677
SHA1

a94acc3a65654dc9583c927b357ce096bf207606
SHA256

d38fd7b985618045a015257f76b115ad1c751ad9d8003d9c41af6f9fa8d7c918
SHA512

a177e3ef3c126b41dddede3e9dc0e6df748215447a018d97bacdb0191e7a46149bb6d7f9fc49a088588fe77be0637130502497f8cf64abd45ef0d13015bdb147

Score

10^/10

pyinstaller ransomware

Malware Config

Extracted

Path

C:\Users\Admin\Downloads\README.txt

Ransom Note

Tango Down! Your Computer has been Locked and Your Files Haven Been Encrypted Don't Panic, you get have your files back! Your files will be deleted when the timer runs out, so you better hurry. You have 10 hours to get your key You are adviced to get your bitcoins ready for negotiations send us a mail to get your system back, cryptonation92@outlook.com Zeznzo

Emails

cryptonation92@outlook.com

Targets

- Target
  
  Walletconnect.exe
- Size
  
  21.0MB
- MD5
  
  078265af9fd10064a23cac405a144677
- SHA1
  
  a94acc3a65654dc9583c927b357ce096bf207606
- SHA256
  
  d38fd7b985618045a015257f76b115ad1c751ad9d8003d9c41af6f9fa8d7c918
- SHA512
  
  a177e3ef3c126b41dddede3e9dc0e6df748215447a018d97bacdb0191e7a46149bb6d7f9fc49a088588fe77be0637130502497f8cf64abd45ef0d13015bdb147
Score

10^/10

ransomware
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2