General
-
Target
b4f5429d48cb4203db32cbb511109fa05792220fd112faa303d93a064def25a7
-
Size
53KB
-
Sample
220211-hc7mkadeep
-
MD5
a75bbb6cc8d0f1ad57792bbf20d36081
-
SHA1
8da9471ded28b9b55ab53dd9cbb70db6ee0436dd
-
SHA256
b4f5429d48cb4203db32cbb511109fa05792220fd112faa303d93a064def25a7
-
SHA512
2e85497c6582dc088544199ec3e39c94d354c66a3886940d80dc421c32e934167658ca91c9a8cb273677151c38cb4c3ae4bb4c8480879083cfdd9623b7d829e3
Malware Config
Targets
-
-
Target
b4f5429d48cb4203db32cbb511109fa05792220fd112faa303d93a064def25a7
-
Size
53KB
-
MD5
a75bbb6cc8d0f1ad57792bbf20d36081
-
SHA1
8da9471ded28b9b55ab53dd9cbb70db6ee0436dd
-
SHA256
b4f5429d48cb4203db32cbb511109fa05792220fd112faa303d93a064def25a7
-
SHA512
2e85497c6582dc088544199ec3e39c94d354c66a3886940d80dc421c32e934167658ca91c9a8cb273677151c38cb4c3ae4bb4c8480879083cfdd9623b7d829e3
Score10/10-
GlobeImposter
GlobeImposter is a ransomware first seen in 2017.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-