General
Target: 81792fcbaad868d2e4aca1ed372f4a5abb34372d3265d5712a65cdfe05e42df8
Size: 101KB
Sample: 220215-ymmcdaagep
MD5: 2d018bbe6d2b738944a4fb92d63bb3f9
SHA1: 1a244bb0c42926ec181fe4d7e9515011168ca025
SHA256: 81792fcbaad868d2e4aca1ed372f4a5abb34372d3265d5712a65cdfe05e42df8
SHA512: a097e5ea19eb2edbb40546ec9bdf4ea100a7bf8de9a8b2e0d223e9333461ad0e295f362a2f0cf2ad076f9abffaa9f72c42dcb48d7fae724dee8907fae49f07e9

Static task: static1

Behavioral task: behavioral1
Sample: 81792fcbaad868d2e4aca1ed372f4a5abb34372d3265d5712a65cdfe05e42df8.exe
Resource: win7-en-20211208

Behavioral task: behavioral2
Sample: 81792fcbaad868d2e4aca1ed372f4a5abb34372d3265d5712a65cdfe05e42df8.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 81792fcbaad868d2e4aca1ed372f4a5abb34372d3265d5712a65cdfe05e42df8
Score: 10/10
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.

Drops desktop.ini file(s)

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.