General
Target: 7741970ab53794dfd0b27891a22edd2facf262e20744b9ac1830abb6a5bb0b2c.bin.sample
Size: 185KB
Sample: 210928-lbj2nabeam
MD5: 304745b78d1caf12316eb73955eb175f
SHA1: 20967bd64eabb8dddbaa711c85c7bd2f3146ee83
SHA256: 7741970ab53794dfd0b27891a22edd2facf262e20744b9ac1830abb6a5bb0b2c
SHA512: 96ba786d72822c771cf97912cc993c4e626104887d8f71d22b8b02b9f973c70b62258ac31a40baabbe6a662e67633cba8dd550ef91fa36b3696e35e715c4c024
Static task: static1
Behavioral task: behavioral1
Sample: 7741970ab53794dfd0b27891a22edd2facf262e20744b9ac1830abb6a5bb0b2c.bin.sample.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: 7741970ab53794dfd0b27891a22edd2facf262e20744b9ac1830abb6a5bb0b2c.bin.sample.exe
Resource: win10v20210408
Malware Config
Extracted
C:\R3ADM3.txt
conti
http://m232fdxbfmbrcehbrj5iayknxnggf6niqfj6x4iedrgtab4qupzjlaid.onion
https://contirecovery.info
Targets
Score: 10/10
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Drops startup file
Drops desktop.ini file(s)