General
Target: 2586026617b117506dfe326f50e45476ce765a74fe48c8650d32980a4dfe5ee9
Size: 217KB
Sample: 220225-2wn44safbp
MD5: 361f1652e8ccfbdeb823e1aaf068000a
SHA1: f698e9d777b110b8326830d0d2c4111327f92d0c
SHA256: 2586026617b117506dfe326f50e45476ce765a74fe48c8650d32980a4dfe5ee9
SHA512: 68cf54ee0a83f74fbc1d18901ed9232db6480fba6c4cec97459e1ad1776295334e3fb6d675c3ba45e361641232aebf22492de489c5132e0af3b7560727fa792e
Static task: static1
Behavioral task: behavioral1
Sample: 2586026617b117506dfe326f50e45476ce765a74fe48c8650d32980a4dfe5ee9.dll
Resource: win7-20220223-en
Behavioral task: behavioral2
Sample: 2586026617b117506dfe326f50e45476ce765a74fe48c8650d32980a4dfe5ee9.dll
Resource: win10v2004-en-20220112
Malware Config
Extracted
C:\readme.txt
conti
http://contirec7nchr45rx6ympez5rjldibnqzh7lsa56lvjvaeywhvoj3wad.onion/T9UEGlEZxoNgi7BShhU8oBHkfYPQiTYy3uf4bWT3LkyNQr5IGZV2XniaFxV4vDQ4
Targets
Score: 10/10
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Drops startup file
Drops desktop.ini file(s)