General
-
Target
1ee0bbfe78f6da5eea5e4aad6992cfcfe3aa824584c04aa3fba5a0d9c605b997
-
Size
179KB
-
Sample
220215-ynx59saggj
-
MD5
e4dd4afa81fb9a0725f2b20e25a32feb
-
SHA1
a6cada7d8800aeee2dfb45e2853be90a3a99cfb9
-
SHA256
1ee0bbfe78f6da5eea5e4aad6992cfcfe3aa824584c04aa3fba5a0d9c605b997
-
SHA512
fac4fc91dc66f31aaccb9a1ec6ace77558b9c5806a9c28947294a73ad8c4501d6680d65c6fec461eae3502881a973e172b45fd472242baa8c873c447a34fb536
Static task
static1
Behavioral task
behavioral1
Sample
1ee0bbfe78f6da5eea5e4aad6992cfcfe3aa824584c04aa3fba5a0d9c605b997.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1ee0bbfe78f6da5eea5e4aad6992cfcfe3aa824584c04aa3fba5a0d9c605b997.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
1ee0bbfe78f6da5eea5e4aad6992cfcfe3aa824584c04aa3fba5a0d9c605b997
-
Size
179KB
-
MD5
e4dd4afa81fb9a0725f2b20e25a32feb
-
SHA1
a6cada7d8800aeee2dfb45e2853be90a3a99cfb9
-
SHA256
1ee0bbfe78f6da5eea5e4aad6992cfcfe3aa824584c04aa3fba5a0d9c605b997
-
SHA512
fac4fc91dc66f31aaccb9a1ec6ace77558b9c5806a9c28947294a73ad8c4501d6680d65c6fec461eae3502881a973e172b45fd472242baa8c873c447a34fb536
Score10/10-
Executes dropped EXE
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-