General
-
Target
675731ed62f1dfa24300eb41e7431de21aeb876e97093b0353cbad0c02cbe13f.bin.sample
-
Size
194KB
-
Sample
211005-kmh33ahec2
-
MD5
554c953ea45e18e76f3f9fcbd833dd33
-
SHA1
34fa94ba87ec9011b3c3417e2b3509446508992c
-
SHA256
675731ed62f1dfa24300eb41e7431de21aeb876e97093b0353cbad0c02cbe13f
-
SHA512
3a0e3440efde8599174321fa8eb52b07a2076936ad0a09fd111c52a20bcad49ee050c4b39d7d5adf896cebd31863c1a7cc1b04dfd96fc1a06fa215fb5891b71c
Static task
static1
Behavioral task
behavioral1
Sample
675731ed62f1dfa24300eb41e7431de21aeb876e97093b0353cbad0c02cbe13f.bin.sample.exe
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
675731ed62f1dfa24300eb41e7431de21aeb876e97093b0353cbad0c02cbe13f.bin.sample.exe
Resource
win10v20210408
Malware Config
Extracted
C:\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.click
Targets
-
-
Target
675731ed62f1dfa24300eb41e7431de21aeb876e97093b0353cbad0c02cbe13f.bin.sample
-
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-