General

  • Target

    4e3b5c5f42afbc601982cd49b723b493da0928d753548c7ed5e25927a597835b

  • Size

    101KB

  • Sample

    220215-ynhqksagfp

  • MD5

    8658fcbbd619b53454f14665dba30ebe

  • SHA1

    9ddeb338864dea3def5889cd0ee6d499b901691f

  • SHA256

    4e3b5c5f42afbc601982cd49b723b493da0928d753548c7ed5e25927a597835b

  • SHA512

    669aad285df166eea0c3847679d2482f0e42c78bd2661919b90ee5f2326a43aa14f12bb67202a0d196533519b88d66f6c0f935af5c9133a1cfdba88104ae300a

Score
10/10

Malware Config

Targets

    • Conti Ransomware

      Ransomware generally thought to be a successor to Ryuk.

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v6

Tasks