General
-
Target
1be34c1ed6ad862678d6c5e58c190f0a86014975af6d79519b2006aa7614df79.bin.sample
-
Size
194KB
-
Sample
211130-l2qbcsefbr
-
MD5
eedd1cfc7acd012bbec464aebc679ee4
-
SHA1
4eb58012451f3b574ccc816b6dc09fdf0663c4d2
-
SHA256
1be34c1ed6ad862678d6c5e58c190f0a86014975af6d79519b2006aa7614df79
-
SHA512
fa3dd6fea68e06b5efdae96bfcbccfcd959f8443198acb58cbe162e386dfe9ccd602215e73ebe91250e38fde463ccd3fa3bd3da6f574196ddad75e9d1f15a56d
Static task
static1
Behavioral task
behavioral1
Sample
1be34c1ed6ad862678d6c5e58c190f0a86014975af6d79519b2006aa7614df79.bin.sample.exe
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
1be34c1ed6ad862678d6c5e58c190f0a86014975af6d79519b2006aa7614df79.bin.sample.exe
Resource
win10-en-20211104
Malware Config
Extracted
C:\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.click
Targets
Target
1be34c1ed6ad862678d6c5e58c190f0a86014975af6d79519b2006aa7614df79.bin.sample
-
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-