General
Target: d21f53277c689939d94eced15e37c2f1e9bcbf547314ee26f4b21eee2102edbf.bin.sample
Size: 191KB
Sample: 210928-ll7kpsbehq
MD5: 562b147a42384349a13372a4aad34af9
SHA1: 84a847ad5857035a18c2359c9e0265702ed0b027
SHA256: d21f53277c689939d94eced15e37c2f1e9bcbf547314ee26f4b21eee2102edbf
SHA512: 54b27631f0ea91ed8093ea251290db91c531cfdb5ae468be2d2748d681c198778dc0905a511a276678eaf9ec2dc8369eb86e65d7af3785aaa17f96abec72b37e
Static task: static1
Behavioral task: behavioral1
Sample: d21f53277c689939d94eced15e37c2f1e9bcbf547314ee26f4b21eee2102edbf.bin.sample.dll
Resource: win7-en-20210920
Behavioral task: behavioral2
Sample: d21f53277c689939d94eced15e37c2f1e9bcbf547314ee26f4b21eee2102edbf.bin.sample.dll
Resource: win10-en-20210920
Malware Config
Extracted
C:\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.top/
Targets
Target: d21f53277c689939d94eced15e37c2f1e9bcbf547314ee26f4b21eee2102edbf.bin.sample
Score: 10/10
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Drops startup file
Drops desktop.ini file(s)