General
-
Target
dbc76355c56a885a1475174fb5325d61b875fd6207ef465cae05617b49463a38.bin.sample
-
Size
208KB
-
Sample
210928-lmldvsbfaj
-
MD5
a8ff5d8b106c677713362bc7565cb0fb
-
SHA1
ee29eaf5a39715f02d1b2c2e518ae14cc338d7c3
-
SHA256
dbc76355c56a885a1475174fb5325d61b875fd6207ef465cae05617b49463a38
-
SHA512
d48d0326dc481a2d8ae02c5acf13380397079d0ea286fe1c591ee1da8b10bc40a50a2d6fbd899832bcfd0eb9af6fc6ecaa6026fbdc80070b647dbcef7206ce01
Static task
static1
Behavioral task
behavioral1
Sample
dbc76355c56a885a1475174fb5325d61b875fd6207ef465cae05617b49463a38.bin.sample.exe
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
dbc76355c56a885a1475174fb5325d61b875fd6207ef465cae05617b49463a38.bin.sample.exe
Resource
win10-en-20210920
Malware Config
Extracted
C:\readme.txt
conti
polzarutu1982@protonmail.com
http://m232fdxbfmbrcehbrj5iayknxnggf6niqfj6x4iedrgtab4qupzjlaid.onion
https://contirecovery.best
Targets
-
-
Target
dbc76355c56a885a1475174fb5325d61b875fd6207ef465cae05617b49463a38.bin.sample
-
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-
Drops desktop.ini file(s)
-