General
-
Target
03a4e3aaf3582766b957f70143da07a5d6d1e40335d71f808130e2c0fd120c82.bin.sample
-
Size
296KB
-
Sample
210928-jjs87abbcp
-
MD5
88ea4b8614e295d77ef49414809fb457
-
SHA1
e17e7873af1eb66ad2d55736c4dbfb6304796ef5
-
SHA256
03a4e3aaf3582766b957f70143da07a5d6d1e40335d71f808130e2c0fd120c82
-
SHA512
eef515bcdd389f22508282c4e5753716dd2fb3436b6d0f0dd9b5f89c4b11b79b3667527f5bf15a7a2c4223f5f2861b547dffe11d7a68ac62a581efe6c3012b0d
Static task
static1
Behavioral task
behavioral1
Sample
03a4e3aaf3582766b957f70143da07a5d6d1e40335d71f808130e2c0fd120c82.bin.sample.dll
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
03a4e3aaf3582766b957f70143da07a5d6d1e40335d71f808130e2c0fd120c82.bin.sample.dll
Resource
win10v20210408
Malware Config
Extracted
C:\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.top/
Targets
-
-
Target
03a4e3aaf3582766b957f70143da07a5d6d1e40335d71f808130e2c0fd120c82.bin.sample
-
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-
Drops desktop.ini file(s)
-