conti | 79e41bb5b4edef24742f9e376add4bafdb9cbeb9cb8ae256a36df74694d820b9 | Triage

Submit
Reports

Overview

overview

Static

static

79e41bb5b4...le.exe

windows7_x64

79e41bb5b4...le.exe

windows10_x64

Sharing

General

Target

79e41bb5b4edef24742f9e376add4bafdb9cbeb9cb8ae256a36df74694d820b9.bin.sample
Size

101KB
Sample

210928-let12abde8
MD5

19ac3de21c70e04c45c51163137fcbdd
SHA1

c2fea43d827c628d4d77a18119e8daadfda2b158
SHA256

79e41bb5b4edef24742f9e376add4bafdb9cbeb9cb8ae256a36df74694d820b9
SHA512

9f29958b4c875d08347c65b2e952cd1cb8378f4780f7189c3eba7339cbfc8767f5d69cc1ff868543cf81e39b4161eb987d9546c9413fb12f2f3a01a3bfae1208

Score

10^/10

conti ransomware

Static task

static1

Behavioral task

behavioral1

Sample

79e41bb5b4edef24742f9e376add4bafdb9cbeb9cb8ae256a36df74694d820b9.bin.sample.exe

Resource

win7-en-20210920

conti ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

79e41bb5b4edef24742f9e376add4bafdb9cbeb9cb8ae256a36df74694d820b9.bin.sample.exe

Resource

win10-en-20210920

conti ransomware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  79e41bb5b4edef24742f9e376add4bafdb9cbeb9cb8ae256a36df74694d820b9.bin.sample
- Size
  
  101KB
- MD5
  
  19ac3de21c70e04c45c51163137fcbdd
- SHA1
  
  c2fea43d827c628d4d77a18119e8daadfda2b158
- SHA256
  
  79e41bb5b4edef24742f9e376add4bafdb9cbeb9cb8ae256a36df74694d820b9
- SHA512
  
  9f29958b4c875d08347c65b2e952cd1cb8378f4780f7189c3eba7339cbfc8767f5d69cc1ff868543cf81e39b4161eb987d9546c9413fb12f2f3a01a3bfae1208
Score

10^/10

conti ransomware
- Conti Ransomware
  Ransomware generally thought to be a successor to Ryuk.
  ransomware conti
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

contiransomware

behavioral2

contiransomware

© 2018-2024

Terms | Privacy