General
Target: c16a3ccc2ca18a936e56cb91cb271caef8b69076cf7bfa5af5867fbb7b71539b
Size: 192KB
Sample: 211208-rnz7asfgc2
MD5: 207bf8ac14306d029a79a9b65bc637ae
SHA1: 1787b589bf52a04594d24f3f39580da486377309
SHA256: c16a3ccc2ca18a936e56cb91cb271caef8b69076cf7bfa5af5867fbb7b71539b
SHA512: c05369a5ed9cc699a693a1691e244dfb3464e77bed44def397d2a2044c75e573ae5aae6078ee88b2d6331163260b2ab2f64e0bb46c39a7bfd5c1134a2a787fdb
Static task
static1
Behavioral task
behavioral1
Sample
c16a3ccc2ca18a936e56cb91cb271caef8b69076cf7bfa5af5867fbb7b71539b.exe
Resource
win10-en-20211104
Malware Config
Extracted
C:\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.best
Targets
Target
c16a3ccc2ca18a936e56cb91cb271caef8b69076cf7bfa5af5867fbb7b71539b
Score: 10/10
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Drops desktop.ini file(s)