General
Target
ea524e8b0dd046561b59a8d4da5a122aeff02036c87bb03056437a1d0f584039.bin
Size
215KB
Sample
220225-2z6hkahcg9
MD5
37cb63ecf10bed57f238691279d25d6c
SHA1
aceaa5ab418ea94d2bc16f3584024ab55b9afb7e
SHA256
ea524e8b0dd046561b59a8d4da5a122aeff02036c87bb03056437a1d0f584039
SHA512
ebc2391d3648cc3e9bc3aee9dfed28e672f55f23b8f828f5198450ef8d2cd49f1aae5c4315d05635ca5c1ff188eff1609e9f89fd4484b1e3119b3fda6ef8ab86
Static task
static1
Behavioral task
behavioral1
Sample
ea524e8b0dd046561b59a8d4da5a122aeff02036c87bb03056437a1d0f584039.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
ea524e8b0dd046561b59a8d4da5a122aeff02036c87bb03056437a1d0f584039.dll
Resource
win10v2004-en-20220113
Malware Config
Extracted
C:\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.xyz/
Targets
Target
ea524e8b0dd046561b59a8d4da5a122aeff02036c87bb03056437a1d0f584039.bin
Score
10/10
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Drops startup file
Drops desktop.ini file(s)