General
-
Target
49dc5a243d322cd4d467e5f24b61ff749869564ddcf6a2f700839cf5ae9e37ea.bin.sample
-
Size
194KB
-
Sample
211125-nm8v9sfabl
-
MD5
43d007e18d3a1530c7f2366184bee5df
-
SHA1
652f652a69ab3d5ae0286ec6b8fab4e449a34e71
-
SHA256
49dc5a243d322cd4d467e5f24b61ff749869564ddcf6a2f700839cf5ae9e37ea
-
SHA512
90ea2fccfadee1f71b0afa7f1e29a23e283490bf1056f6d0c950c2808045cff1d17488d8fee0ad4d9cde428296da08663b3da19feaba8e9ad7840c83e5c8294a
Static task
static1
Behavioral task
behavioral1
Sample
49dc5a243d322cd4d467e5f24b61ff749869564ddcf6a2f700839cf5ae9e37ea.bin.sample.exe
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
49dc5a243d322cd4d467e5f24b61ff749869564ddcf6a2f700839cf5ae9e37ea.bin.sample.exe
Resource
win10-en-20211104
Malware Config
Extracted
C:\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.click
Targets
Target
49dc5a243d322cd4d467e5f24b61ff749869564ddcf6a2f700839cf5ae9e37ea.bin.sample
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-