General
Target
ba57e3301a4fe3b136f3126dc717b55c40b1e6a3ef9f951b9b85ede731d61de2
Size
17KB
Sample
220124-as4xlsgfhn
MD5
9fb3e3d1225cfcd817bf738e9679f7bb
SHA1
ae2fa958bda51615d52fa72aa95a3d27656e7745
SHA256
ba57e3301a4fe3b136f3126dc717b55c40b1e6a3ef9f951b9b85ede731d61de2
SHA512
8402109f3109869aa4def46cf58756bf7f72dfa82321643a33d720441ffd122fab68e96cb12c1e2321f11f65b1a76773aa18f499adfa77834e733b3cead0792b
Static task
static1
Behavioral task
behavioral1
Sample
ba57e3301a4fe3b136f3126dc717b55c40b1e6a3ef9f951b9b85ede731d61de2.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
ba57e3301a4fe3b136f3126dc717b55c40b1e6a3ef9f951b9b85ede731d61de2.exe
Resource
win10-en-20211208
Malware Config
Extracted
C:\\README.5f7aa573.TXT
darkside
http://darksidedxcftmqa.onion/blog/article/id/6/dQDclB_6Kg-c-6fJesONyHoaKh9BtI8j9Wkw2inG8O72jWaOcKbrxMWbPfKrUbHC
http://darksidfqzcuhtk2.onion/K71D6P88YTX04R3ISCJZHMD5IYV55V9247QHJY0HJYUXX68H2P05XPRIR5SP2U68
Targets
Target
ba57e3301a4fe3b136f3126dc717b55c40b1e6a3ef9f951b9b85ede731d61de2
Score
10/10
DarkSide
Targeted ransomware first seen in August 2020. Operators steal data to use as leverage.
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.