General
-
Target
af0366a8e19aafc48efd00205417ad12
-
Size
6.8MB
-
Sample
210915-f4bcbscahj
-
MD5
af0366a8e19aafc48efd00205417ad12
-
SHA1
ef1feb2284ca17cf6fa64a54cdf11f6ecffdbf41
-
SHA256
dcc3e9ff88844c90d49a10a3cc63bed8cb18ff4192a57cb1c7183022c47124e0
-
SHA512
8dd877e853f12c425a8d86938e9205ff8607f71fee7f75a50a30418cc6f6e9b06760ecbd6b00d813ce38b4e9ca67074b0ff3a367629145492e70acf4681e1816
Static task
static1
Behavioral task
behavioral1
Sample
af0366a8e19aafc48efd00205417ad12.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
af0366a8e19aafc48efd00205417ad12.exe
Resource
win10-en
Malware Config
Extracted
\??\c:\HELP - README TO UNLOCK FILES.txt
ransomnow@yandex.ru
bc1qgq8pawjsc5wa392wy92y5pvvskxljks0w6zfcd
Targets
-
-
Target
af0366a8e19aafc48efd00205417ad12
Score
10/10
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-