General
-
Target
e62c0bdf69b88a5bd95872cbcf4da4de4eef226bc9ef0452ee652eeee519b15a
-
Size
691KB
-
Sample
210830-vvgqk7lxre
-
MD5
228da27a87b611a789086214cf4382ea
-
SHA1
853d14db0de136b33c90d3171879c4384bc2882e
-
SHA256
e62c0bdf69b88a5bd95872cbcf4da4de4eef226bc9ef0452ee652eeee519b15a
-
SHA512
d6179f906fee90d966f016043be9ceffa473552a32c8cc9b6242c754fac5310600329351bd9d4d642ca30e9892103e059b452f3fe12fd956c601db4c9ad3af99
Static task
static1
Behavioral task
behavioral1
Sample
e62c0bdf69b88a5bd95872cbcf4da4de4eef226bc9ef0452ee652eeee519b15a.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
e62c0bdf69b88a5bd95872cbcf4da4de4eef226bc9ef0452ee652eeee519b15a.exe
Resource
win10v20210408
Malware Config
Extracted
C:\$Recycle.Bin\GET_YOUR_FILES_BACK.txt
avoslocker
http://avosjon4pfh3y7ew3jdwz6ofw7lljcxlbk7hcxxmnxlh5kvf2akcqjad.onion
http://avosqxh72b5ia23dl5fgwcpndkctuzqvh2iefk5imp3pi5gfhel5klad.onion
Targets
Target
e62c0bdf69b88a5bd95872cbcf4da4de4eef226bc9ef0452ee652eeee519b15a
Score
10/10
-
Avoslocker Ransomware
Avoslocker is a relatively new ransomware that was observed in late June and early July 2021.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-