General
Target: 4bfd58d4e4a6fe5e91b408bc190a24d352124902085f9c2da948ad7d79b72618
Size: 196KB
Sample: 211002-zp8ttsehdq
MD5: 617ccca7d5753993cbfd1309d1a18e1c
SHA1: 246813f9a57e030f109bb77742809e32bac89c04
SHA256: 4bfd58d4e4a6fe5e91b408bc190a24d352124902085f9c2da948ad7d79b72618
SHA512: 5bff51725b4822ee64f8fcf985449e1b1ed489e68ea77e24d3b82b4575ba29336e6ae76c3132720d3ea3dacfd42bb54d9ae19139c21852b1599703701ecf7d57
Static task: static1
Behavioral task: behavioral1
Sample: 4bfd58d4e4a6fe5e91b408bc190a24d352124902085f9c2da948ad7d79b72618.exe
Resource: win7-en-20210920
Behavioral task: behavioral2
Sample: 4bfd58d4e4a6fe5e91b408bc190a24d352124902085f9c2da948ad7d79b72618.exe
Resource: win10v20210408
Malware Config
Extracted
C:\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.xyz/
Targets
Score: 10/10
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Drops desktop.ini file(s)