General
-
Target
afc240b8b55070589e6cd98ab05fb846e2ba3ea62a053f38737bf9f352f5e0f6
-
Size
69KB
-
Sample
220201-bst8vafcb4
-
MD5
0785541c4b95cca9d0e2828c8752228a
-
SHA1
0b38844de0cb7ded97c42c89d805963790223d2e
-
SHA256
afc240b8b55070589e6cd98ab05fb846e2ba3ea62a053f38737bf9f352f5e0f6
-
SHA512
845b12af05b673e18a244345f4b9082888773c2ead6d4b376735df7dea0452e495f298e96bda51747b092d38941cfe3778406c2e199f5e98b7cd2284d5f394f4
Static task
static1
Behavioral task
behavioral1
Sample
afc240b8b55070589e6cd98ab05fb846e2ba3ea62a053f38737bf9f352f5e0f6.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
afc240b8b55070589e6cd98ab05fb846e2ba3ea62a053f38737bf9f352f5e0f6.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
C:\Program Files (x86)\Microsoft Sync Framework\v1.0\Documentation\1033\License Agreements\CB0131-Readme.txt
netwalker
http://pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
http://rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
Targets
-
-
Target
afc240b8b55070589e6cd98ab05fb846e2ba3ea62a053f38737bf9f352f5e0f6
-
Score
10/10
-
Netwalker Ransomware
Ransomware family with multiple versions. Also known as MailTo.
-