General
Target: 321d0c4f1bbb44c53cd02186107a18b7a44c840a9a5f0a78bdac06868136b72c
Size: 896KB
Sample: 211209-pkqscacaa8
MD5: b5045d802394f4560280a7404af69263
SHA1: 73e1c941a9e639d5ed4779af9a818d2f253dacd1
SHA256: 321d0c4f1bbb44c53cd02186107a18b7a44c840a9a5f0a78bdac06868136b72c
SHA512: 93ac02b1aeaf0ab747c55ec434a08e78d150845124aede91b212e92eba68e526d3aa874ebcd54b19f899b1d36ca382c2168b109b9306794bca041ed499ec05c0
Static task: static1
Behavioral task: behavioral1
Sample: 321d0c4f1bbb44c53cd02186107a18b7a44c840a9a5f0a78bdac06868136b72c.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 321d0c4f1bbb44c53cd02186107a18b7a44c840a9a5f0a78bdac06868136b72c.exe
Resource: win10-en-20211208
Malware Config
Targets
Score: 10/10
Modifies security service
Clears Windows event logs
Modifies boot configuration data using bcdedit
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.