General
Target: IHAransom.exe
Size: 231KB
Sample: 211028-kdnl7aacd3
MD5: 5f775c9a9d49013ef37aa7d332327af4
SHA1: f96eeeaebef8e4d1ed74f7c557ef2a9d3c021bc8
SHA256: 6fafb9d3eec58313bfeb572ebeb09739a413b1df2b7755611f06ef62d8c9cf8e
SHA512: fb6c0231f4821ded9c1fa7045d2581bd816d9dbe792394742b946f7ba76a06e18b84078bef6e0206f5dff2e42145f6e9f9f43829dc567ca571884b60c745f31f
Static task: static1
Behavioral task: behavioral1
  Sample: IHAransom.exe
  Resource: win7-en-20210920
Behavioral task: behavioral2
  Sample: IHAransom.exe
  Resource: win10-en-20211014
Malware Config
Targets
Target: IHAransom.exe
Score: 8/10
Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
Drops startup file
Sets desktop wallpaper using registry