General
Target
1201e76d42f85feb89d64e6fd497144ed3afe66281b2464e84f3b889f2867c9b
Size
194KB
Sample
220215-yn2tfsaggk
MD5
06a251b73a0213ad9e7b4ebbcf9ffee5
SHA1
19a3c705ac0b4b83e0c4ff3045f7eb2ffa44f2d5
SHA256
1201e76d42f85feb89d64e6fd497144ed3afe66281b2464e84f3b889f2867c9b
SHA512
8e090d61d6a902f4ea3acb4752bfe75aa14b5aa17444ea95d34fdd60721666fb5e81f2ea5aaff52584f5e902e09a5a8635b279cf3c8104822fd4b46dba9a91a8
Static task
static1
Behavioral task
behavioral1
Sample
1201e76d42f85feb89d64e6fd497144ed3afe66281b2464e84f3b889f2867c9b.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1201e76d42f85feb89d64e6fd497144ed3afe66281b2464e84f3b889f2867c9b.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
C:\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.click
Targets
Target
1201e76d42f85feb89d64e6fd497144ed3afe66281b2464e84f3b889f2867c9b
Score 10/10
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.