General
-
Target
be277aea966fd23c28bf2fcbe04959f19fd008dfac3dd0508f747f177f6bed70.bin.sample
-
Size
191KB
-
Sample
210928-j5jlwabbhq
-
MD5
435b7f9a16f6846fd263e6641df6f496
-
SHA1
fc45d2718f67ea9b59c7fc30c3d585049f884c12
-
SHA256
be277aea966fd23c28bf2fcbe04959f19fd008dfac3dd0508f747f177f6bed70
-
SHA512
5fa0c155a512ace1f78db1c0af612f06781b4e7e42e6ebb24d074ad1de9d73dbe2b2d4cf4665740241e41fecb22f2f8eeeb74d027a05a60f474f4807fe2160c7
Static task
static1
Behavioral task
behavioral1
Sample
be277aea966fd23c28bf2fcbe04959f19fd008dfac3dd0508f747f177f6bed70.bin.sample.exe
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
be277aea966fd23c28bf2fcbe04959f19fd008dfac3dd0508f747f177f6bed70.bin.sample.exe
Resource
win10v20210408
Malware Config
Extracted
C:\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.best
Targets
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-
Drops desktop.ini file(s)
-