General
-
Target
ea310cc4fd4e8669e014ff417286da5edf2d3bef20abfb0a4f4951afe260d33d.bin
-
Size
1.8MB
-
Sample
211015-ymwaaacbfm
-
MD5
7d4550dd4c6996057147ecc996b14e9a
-
SHA1
d0d68281f8459b5558559fbbf8c6c8ab4ddfec8b
-
SHA256
ea310cc4fd4e8669e014ff417286da5edf2d3bef20abfb0a4f4951afe260d33d
-
SHA512
e0653ac9c92bd134ff43886b4a8a36016660294c134ff11c6cddefe50494923fdcf370c3d96d5538d2c7ef20d216b4d15b914d40002c982c69021ee8998f57df
Behavioral task
behavioral1
Sample
ea310cc4fd4e8669e014ff417286da5edf2d3bef20abfb0a4f4951afe260d33d.bin.exe
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
ea310cc4fd4e8669e014ff417286da5edf2d3bef20abfb0a4f4951afe260d33d.bin.exe
Resource
win10-en-20211014
Malware Config
Extracted
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\HOW-TO-DECRYPT-gn9cj.txt
Extracted
C:\MSOCache\All Users\{90140000-0116-0409-1000-0000000FF1CE}-C\HOW-TO-DECRYPT-gn9cj.txt
Targets
-
Target
ea310cc4fd4e8669e014ff417286da5edf2d3bef20abfb0a4f4951afe260d33d.bin
Score
10/10
-
Executes dropped EXE
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Deletes itself
-
Loads dropped DLL
-