General
Target
ccfd3a7694cef5981b4f11478aa18d47e34cd2949fdfbcd9a0183ad0caba9a6f
Size
76KB
Sample
210923-sa685aeegr
MD5
2efd3dd4ff2e199133e1670001e8fb27
SHA1
43b8269ed8bdc93d3cfd691736cb12228cc01e1d
SHA256
ccfd3a7694cef5981b4f11478aa18d47e34cd2949fdfbcd9a0183ad0caba9a6f
SHA512
ccc281afe56b68fbb66dbcce358c2b4be171b17019fc0d6a2a468fc463d9d0a14a9f4896b86eb2a07444ce553ddf2c7e96ef501c9977e913d300cf86b7616c81
Static task
static1
Behavioral task
behavioral1
Sample
ccfd3a7694cef5981b4f11478aa18d47e34cd2949fdfbcd9a0183ad0caba9a6f.exe
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
ccfd3a7694cef5981b4f11478aa18d47e34cd2949fdfbcd9a0183ad0caba9a6f.exe
Resource
win10v20210408
Malware Config
Extracted
C:\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.best
Targets
Target
ccfd3a7694cef5981b4f11478aa18d47e34cd2949fdfbcd9a0183ad0caba9a6f
Score 10/10
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Drops startup file
Drops desktop.ini file(s)