General
-
Target
8753133dfcece88e52666fcf7e1a79400284b430ccb6320c78e425f6c5cf6840
-
Size
69KB
-
Sample
220201-bvyn2segbr
-
MD5
b76547ddbc0e1629cd71bfff6bfce483
-
SHA1
874b1a91edf573896c1d03c79875b45d1508d4f7
-
SHA256
8753133dfcece88e52666fcf7e1a79400284b430ccb6320c78e425f6c5cf6840
-
SHA512
699ffeb2ed7d89006ec464977aff4bcbd1ac0725b9a5083b72f6440653b9b00a591eaf8c30328e005d3f3e16de87d4dd490725fffa905c6e1c0ae58eedfc1e6b
Static task
static1
Behavioral task
behavioral1
Sample
8753133dfcece88e52666fcf7e1a79400284b430ccb6320c78e425f6c5cf6840.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
8753133dfcece88e52666fcf7e1a79400284b430ccb6320c78e425f6c5cf6840.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
C:\ProgramData\Microsoft\MF\BBF5A1-Readme.txt
netwalker
http://pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
http://rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
Targets
-
-
Target
8753133dfcece88e52666fcf7e1a79400284b430ccb6320c78e425f6c5cf6840
-
Score
10/10
-
Netwalker Ransomware
Ransomware family with multiple versions. Also known as MailTo.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-