General

  • Target

    227164b06f201b07a8b82800adcc6a831cadaed6709d1473fd4182858fbd80a5

  • Size

    103KB

  • Sample

    220215-ynvp5sagfr

  • MD5

    e323c6aee8b172b57203a7e478c1caca

  • SHA1

    61488490142f1602a542d6e0b6bf6d8ae0156c79

  • SHA256

    227164b06f201b07a8b82800adcc6a831cadaed6709d1473fd4182858fbd80a5

  • SHA512

    8947da6536d94597f3748200a3417c17b6fe148e15f8fe6d93379761c9da2bc3a31ab9f50854c78f27cc06a49ea56a25149635ae8a8ce8fa067a02d58c4331b4

Score
10/10

Targets

    • Target

      227164b06f201b07a8b82800adcc6a831cadaed6709d1473fd4182858fbd80a5

    • Size

      103KB

    • MD5

      e323c6aee8b172b57203a7e478c1caca

    • SHA1

      61488490142f1602a542d6e0b6bf6d8ae0156c79

    • SHA256

      227164b06f201b07a8b82800adcc6a831cadaed6709d1473fd4182858fbd80a5

    • SHA512

      8947da6536d94597f3748200a3417c17b6fe148e15f8fe6d93379761c9da2bc3a31ab9f50854c78f27cc06a49ea56a25149635ae8a8ce8fa067a02d58c4331b4

    Score
    10/10

    • Conti Ransomware

      Ransomware generally thought to be a successor to Ryuk.

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
