General
-
Target
093f098e70cc57a17d02323cbe6cd484
-
Size
78KB
-
Sample
210928-zqxg7adaf7
-
MD5
093f098e70cc57a17d02323cbe6cd484
-
SHA1
134239f63291d00a604e619ffafb0bf3a05e5a80
-
SHA256
ae6020a06d2a95cbe91b439f4433e87d198547dec629ab0900ccfe17e729cff1
-
SHA512
6ff0dc0e19c1fd716065e7c2ddf7081f7ece50925f6cedbfc8f2e3595c66ba408678958cd7b6ec0a5fcf2e82c13cef94f8f5d6ea805f9e707b292f6eb97e9403
Static task
static1
Behavioral task
behavioral1
Sample
093f098e70cc57a17d02323cbe6cd484.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
093f098e70cc57a17d02323cbe6cd484.exe
Resource
win10v20210408
Malware Config
Extracted
C:\Help Restore Your Files.txt
Targets
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-