General
-
Target
pyota.exe
-
Size
26.7MB
-
Sample
220111-s263fagchn
-
MD5
9d5a35b0d96e881752592922607923d3
-
SHA1
17b9ed31db60b5b833d6236b54385b0a2839d20f
-
SHA256
cea36e2758d9e155ef893676574030b42a3c02f2641b93dbe820ceb416f659f7
-
SHA512
bb1115202a424f21e35e6071be954de23336a7310ce79cb820ce07636428fed8b35902aa61c078f0bc2a1d036247a8fa598e9dffb4a817f5eff057148a75eebb
Static task
static1
Behavioral task
behavioral1
Sample
pyota.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
pyota.exe
Resource
win10-en-20211208
Malware Config
Targets
-
-
Target
pyota.exe
-
Size
26.7MB
-
MD5
9d5a35b0d96e881752592922607923d3
-
SHA1
17b9ed31db60b5b833d6236b54385b0a2839d20f
-
SHA256
cea36e2758d9e155ef893676574030b42a3c02f2641b93dbe820ceb416f659f7
-
SHA512
bb1115202a424f21e35e6071be954de23336a7310ce79cb820ce07636428fed8b35902aa61c078f0bc2a1d036247a8fa598e9dffb4a817f5eff057148a75eebb
Score10/10-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Loads dropped DLL
-