General
-
Target
arceo.ai_6815e1e06e29863290319eb3e814ae2a394271aa2f95cc7c31a649c4c2f4fd04_ezt_vxc6.exe
-
Size
196KB
-
Sample
210901-eslqy6b286
-
MD5
ad496fc24e5dcb74a04dd1ec746470e7
-
SHA1
ffa9aa91954f2b7d5136a1d1b711e18b889475d0
-
SHA256
6815e1e06e29863290319eb3e814ae2a394271aa2f95cc7c31a649c4c2f4fd04
-
SHA512
e6f378fa7aefeb06a998b598481e5aea486115a404517264af0387ec253a56531547e1fa2ae8c4534c1c1419a17a1787721967a41d86ad39eeefca91d38053dc
Static task
static1
Behavioral task
behavioral1
Sample
arceo.ai_6815e1e06e29863290319eb3e814ae2a394271aa2f95cc7c31a649c4c2f4fd04_ezt_vxc6.exe
Resource
win7-en
Behavioral task
behavioral2
Sample
arceo.ai_6815e1e06e29863290319eb3e814ae2a394271aa2f95cc7c31a649c4c2f4fd04_ezt_vxc6.exe
Resource
win10v20210408
Malware Config
Extracted
C:\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.xyz
Targets
-
-
Target
arceo.ai_6815e1e06e29863290319eb3e814ae2a394271aa2f95cc7c31a649c4c2f4fd04_ezt_vxc6.exe
-
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-
Drops desktop.ini file(s)
-