General
-
Target
11d1bda99c350ee4d82c6e53ca9a1c1c76bc5b9e3148853899cc04d1d00e9754.bin.sample
-
Size
517KB
-
Sample
210923-scbj8segb5
-
MD5
4eaaf31a7ff227a52fb036ed30103c79
-
SHA1
eef0ee30efb1a0595a5a1633e08dcdf65a94a3c4
-
SHA256
11d1bda99c350ee4d82c6e53ca9a1c1c76bc5b9e3148853899cc04d1d00e9754
-
SHA512
917707ea12dc5ec296e41d25797dcafdda525eaaee768137926df11699cad07f8176567ecd0969e471ebced0e00932bf3aa270a9d177de814d6c003ff7d18e73
Static task
static1
Behavioral task
behavioral1
Sample
11d1bda99c350ee4d82c6e53ca9a1c1c76bc5b9e3148853899cc04d1d00e9754.bin.sample.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
11d1bda99c350ee4d82c6e53ca9a1c1c76bc5b9e3148853899cc04d1d00e9754.bin.sample.exe
Resource
win10-en-20210920
Malware Config
Extracted
C:\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.click
Targets
-
-
Target
11d1bda99c350ee4d82c6e53ca9a1c1c76bc5b9e3148853899cc04d1d00e9754.bin.sample
-
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-