General
Target: 82c8a9e6e9cef2aafefe6a828831c7dc1f8d422f8f6c18fef50cc8de32af6f9a.bin.sample
Size: 3.2MB
Sample: 211208-s4xlsagbd2
MD5: 1c1fb24c14610e74c3b00d62f8b0dc06
SHA1: d49a276e5e55c8fb449b603beac70d7cd37753aa
SHA256: 82c8a9e6e9cef2aafefe6a828831c7dc1f8d422f8f6c18fef50cc8de32af6f9a
SHA512: 6ece399d5d7a0e5cb78d2db45163c6a99f32437604dd7ce40a6826f7c94d340eff84d777142386274f4d61170dcc0d877f7d733cd9c7843b1b22ae3c6cce540f
Static task: static1
Behavioral task: behavioral1
Sample: 82c8a9e6e9cef2aafefe6a828831c7dc1f8d422f8f6c18fef50cc8de32af6f9a.bin.sample.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 82c8a9e6e9cef2aafefe6a828831c7dc1f8d422f8f6c18fef50cc8de32af6f9a.bin.sample.exe
Resource: win10-en-20211208
Malware Config
Extracted
C:\readme.txt
conti
http://contirec7nchr45rx6ympez5rjldibnqzh7lsa56lvjvaeywhvoj3wad.onion/ZABQk2xlwqLflJWvwNoGlzddhRYvIC9SNpWOrYfrIk2xDRkElNgqed0ljaLiHmLj
Targets
Score: 10/10
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Drops desktop.ini file(s)