conti | 1c4da8bf2089e82a1665f7ac350eeea291dae7509d58dbfc2037ddc1997bfd13 | Triage

Submit
Reports

Overview

overview

Static

static

1c4da8bf20...le.exe

windows7_x64

1c4da8bf20...le.exe

windows10_x64

Sharing

General

Target

1c4da8bf2089e82a1665f7ac350eeea291dae7509d58dbfc2037ddc1997bfd13.bin.sample
Size

99KB
Sample

210928-jqjnbsbag5
MD5

6748dfe8e64dea2fc4c14691f7e766c6
SHA1

7211eb5a63a2cd6f340501b95c1acfe77fdd80f7
SHA256

1c4da8bf2089e82a1665f7ac350eeea291dae7509d58dbfc2037ddc1997bfd13
SHA512

8d5bcef5eee3faee1cf5c2b538807859e982b4dd1b94134a700e9af62321696588f7dad88fd4115fdfbcbd4efedb00a7199342f2a046b47e5818525719f1a703

Score

10^/10

conti ransomware

Static task

static1

Behavioral task

behavioral1

Sample

1c4da8bf2089e82a1665f7ac350eeea291dae7509d58dbfc2037ddc1997bfd13.bin.sample.exe

Resource

win7v20210408

conti ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

1c4da8bf2089e82a1665f7ac350eeea291dae7509d58dbfc2037ddc1997bfd13.bin.sample.exe

Resource

win10-en-20210920

conti ransomware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  1c4da8bf2089e82a1665f7ac350eeea291dae7509d58dbfc2037ddc1997bfd13.bin.sample
- Size
  
  99KB
- MD5
  
  6748dfe8e64dea2fc4c14691f7e766c6
- SHA1
  
  7211eb5a63a2cd6f340501b95c1acfe77fdd80f7
- SHA256
  
  1c4da8bf2089e82a1665f7ac350eeea291dae7509d58dbfc2037ddc1997bfd13
- SHA512
  
  8d5bcef5eee3faee1cf5c2b538807859e982b4dd1b94134a700e9af62321696588f7dad88fd4115fdfbcbd4efedb00a7199342f2a046b47e5818525719f1a703
Score

10^/10

conti ransomware
- Conti Ransomware
  Ransomware generally thought to be a successor to Ryuk.
  ransomware conti
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

contiransomware

behavioral2

contiransomware

© 2018-2024

Terms | Privacy