General
Target: Doitman.exe
Size: 125KB
Sample: 211209-jj1y2abac2
MD5: f28ac8c53e1776f0bb151bfe969cb50c
SHA1: ac6d92aa5213bf0431999688f63c37d72a6206bf
SHA256: e95902e83c3cd7ceef665f91faba200dd487a073996e34ae3f041a00d0a061a5
SHA512: 5ccb69f839dda459fca95a0731a152f831e32e23521e47506710a824a1d5779d59ce1752f623b700a1416263a5537f7c92c16f43c6c9ded028839493bbed8e7c
Static task: static1
Behavioral task: behavioral1 (Sample: Doitman.exe, Resource: win7-en-20211208)
Behavioral task: behavioral2 (Sample: Doitman.exe, Resource: win10-en-20211208)
Malware Config
Targets
Target: Doitman.exe
Score: 8/10

Modifies Installed Components in the registry

Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.

Drops startup file

Loads dropped DLL

Drops desktop.ini file(s)

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.