General
-
Target
2f4f45f6624d1992bb474d7b245ebe8c316c0f8093fd1e313756c69680b844e6.bin.sample
-
Size
191KB
-
Sample
210928-jv6cwsbah5
-
MD5
8d0b5c991c8725b979911d074556ee11
-
SHA1
04575878698e6ab06a0ea3f9ff6390051a73b580
-
SHA256
2f4f45f6624d1992bb474d7b245ebe8c316c0f8093fd1e313756c69680b844e6
-
SHA512
48609af2b35845921f0f7f48b3ad501ad8dc4077c7fb67b7e63f98c2d7056b2f3e7585800dc186a525eee6f7b2014ba0167297f2f7f4a70498edf4f56e57c489
Static task
static1
Behavioral task
behavioral1
Sample
2f4f45f6624d1992bb474d7b245ebe8c316c0f8093fd1e313756c69680b844e6.bin.sample.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
2f4f45f6624d1992bb474d7b245ebe8c316c0f8093fd1e313756c69680b844e6.bin.sample.exe
Resource
win10-en-20210920
Malware Config
Extracted
C:\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.top/
Targets
Target
2f4f45f6624d1992bb474d7b245ebe8c316c0f8093fd1e313756c69680b844e6.bin.sample
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-
Drops desktop.ini file(s)
-