General
Target
35d49eb7fa8740a53d6a84de7fd9b7d177df8d96d25a67b1bc18d2b685988828.bin.sample
Size
194KB
Sample
211130-l5pt1ahgf2
MD5
5956ee31b3479f3e1b79456dc42ef8b8
SHA1
83fb1f0ecbde4ef2047b2c44626b432c4f2926af
SHA256
35d49eb7fa8740a53d6a84de7fd9b7d177df8d96d25a67b1bc18d2b685988828
SHA512
6c7a11c3c72c0f32000b7f7752ae538053cf9e12fbd534f8752539bb1b294f6c386289166e6cdaa6d620234cf5965b96ab753d2443f2af9de50291dd57bb8c49
Static task
static1
Behavioral task
behavioral1
Sample
35d49eb7fa8740a53d6a84de7fd9b7d177df8d96d25a67b1bc18d2b685988828.bin.sample.exe
Resource
win7-en-20211104
Behavioral task
behavioral2
Sample
35d49eb7fa8740a53d6a84de7fd9b7d177df8d96d25a67b1bc18d2b685988828.bin.sample.exe
Resource
win10-en-20211104
Malware Config
Extracted
C:\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.click
Targets
Target
35d49eb7fa8740a53d6a84de7fd9b7d177df8d96d25a67b1bc18d2b685988828.bin.sample
Score
10/10
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Drops startup file