General
Target
VanGoth.exe
Size
36KB
Sample
211014-bw4lpafef9
MD5
afff555062c4e6fb3a34e7c2be519fcd
SHA1
73ed552ba04e57e8cd991f9f82a182aa298c4baa
SHA256
d27a5719ec67c146a1b338302074de39f5ad49b17f81cb014cc2c57c4f464d85
SHA512
31b3b0cf4e877f848fae85c7afd08fe165ae5bcb114d41781d28403e276f524d383e34f7d3e39b96beb8e39f023ae1d150115bf751a3196e3c773eb688a6277f
Static task
static1
Behavioral task
behavioral1
Sample
VanGoth.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
VanGoth.exe
Resource
win10-en-20210920
Malware Config
Targets
Target
VanGoth.exe
Score
8/10
Drops file in Drivers directory
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Drops file in System32 directory