General
-
Target
f54ae59740ae0294ce5c4ddea42aebb5e57f830643337f43a18aa15bb25a7344.bin.sample
-
Size
192KB
-
Sample
210928-lr9bgsbfbl
-
MD5
e6676709305e02828f8925810e7ee7b2
-
SHA1
145505184e63b1656e42cbe1cb7aad7262f35ffe
-
SHA256
f54ae59740ae0294ce5c4ddea42aebb5e57f830643337f43a18aa15bb25a7344
-
SHA512
ee99b5dce2f1955c968bf7ee93916dff5c8a3c89fb579416a7adb16be5ea8bf0cae7a12ee7e0baf6bd2ebd3fb10dcc404f111b6f9a39e1c0df184ed10870e7a5
Static task
static1
Behavioral task
behavioral1
Sample
f54ae59740ae0294ce5c4ddea42aebb5e57f830643337f43a18aa15bb25a7344.bin.sample.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
f54ae59740ae0294ce5c4ddea42aebb5e57f830643337f43a18aa15bb25a7344.bin.sample.exe
Resource
win10-en-20210920
Malware Config
Extracted
C:\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.best
Targets
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-
Drops desktop.ini file(s)
-