Extracted

• • Target

    740ba8dc67571ffa4773ff6eb52ed745b5bf6e7fe93c941070da4c3915787476

  • Size

    170KB

  • MD5

    33fc8b47fd2ad20f0a16e34341a8a675

  • SHA1

    6e72a08f86b9a04cf37b568e421ba8518c50ebf2

  • SHA256

    740ba8dc67571ffa4773ff6eb52ed745b5bf6e7fe93c941070da4c3915787476

  • SHA512

    ed9daa3632e392a8202ea6583d92a4d49b7b91d24eb61fff50d07edc6df3d60b4f0e0d064fba20e06d062c22ab3130529d32b28c660d13377722d2dc18391db3

  Score

  10^/10

  contiransomwarespywarestealer

  • Conti Ransomware

    Ransomware generally thought to be a successor to Ryuk.

    ransomwareconti

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Drops desktop.ini file(s)

  behavioral1