Extracted

• • Target

    5fa3bf951dde536ac87c0c6f6074e400e9a6a6e83fa6a07b617f608e24b4db0c

  • Size

    2.1MB

  • MD5

    6552b8bf9ba6a4931548fe65cde76ad4

  • SHA1

    0c81ed07b0fcc9b8a4ff983ed83dd1c83c8fa600

  • SHA256

    5fa3bf951dde536ac87c0c6f6074e400e9a6a6e83fa6a07b617f608e24b4db0c

  • SHA512

    4421f18fc7b276977366f4099e0602947b85ab0f0b7a75e818389d35b3d8e9d0b81b8128ef47dff47a45e4541d23512267139f361822e18b7bb807105071448d

  Score

  10^/10

  contiransomwarespywarestealer

  • Conti Ransomware

    Ransomware generally thought to be a successor to Ryuk.

    ransomwareconti

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Sets desktop wallpaper using registry

    ransomware
  behavioral1behavioral2