General
-
Target
e9662b468135f758a9487a1be50159ef57f3050b753de2915763b4ed78839ead
-
Size
504KB
-
Sample
210831-9sn7qatnhx
-
MD5
e9454a2ff16897e177d8a11083850ec7
-
SHA1
6b6855931e69d27f5f2e2d828fbeb4db91688996
-
SHA256
e9662b468135f758a9487a1be50159ef57f3050b753de2915763b4ed78839ead
-
SHA512
9bd01ed32887cecefe3987991f3ae3a0375c1cb1bff8b49f795b000076c26a1bb938476e4383b60a3f1ac5de79f7cd3cf2520ef695908815c0fee55a17dcb021
Static task
static1
Behavioral task
behavioral1
Sample
e9662b468135f758a9487a1be50159ef57f3050b753de2915763b4ed78839ead.exe
Resource
win7v20210408
Malware Config
Targets
-
-
Target
e9662b468135f758a9487a1be50159ef57f3050b753de2915763b4ed78839ead
-
Size
504KB
-
MD5
e9454a2ff16897e177d8a11083850ec7
-
SHA1
6b6855931e69d27f5f2e2d828fbeb4db91688996
-
SHA256
e9662b468135f758a9487a1be50159ef57f3050b753de2915763b4ed78839ead
-
SHA512
9bd01ed32887cecefe3987991f3ae3a0375c1cb1bff8b49f795b000076c26a1bb938476e4383b60a3f1ac5de79f7cd3cf2520ef695908815c0fee55a17dcb021
Score10/10-
Mespinoza Ransomware
Also known as Pysa. Ransomware-as-a-servoce which first appeared in 2020.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Deletes itself
-