General
Target
bce72f157baf8064117c80e67998acc83fd27f1de64e0c9a68ad5c9209bc2bd2
Size
204KB
Sample
220301-zww4lsdbdk
MD5
782cb9520afa288d801af7d66f70100b
SHA1
69ba88f3b9031e9667ae50079a70ed136d3eb99a
SHA256
bce72f157baf8064117c80e67998acc83fd27f1de64e0c9a68ad5c9209bc2bd2
SHA512
23115f9351e0d8dd9e2fad8b161dc6ccd8f168eaad27442560d05171679de3d3f49cec0f7499d71c2a5aae0407dbbac1f3ae92214bd028bb431d161aca2bfbc2
Static task
static1
Behavioral task
behavioral1
Sample
bce72f157baf8064117c80e67998acc83fd27f1de64e0c9a68ad5c9209bc2bd2.dll
Resource
win7-20220223-en
Behavioral task
behavioral2
Sample
bce72f157baf8064117c80e67998acc83fd27f1de64e0c9a68ad5c9209bc2bd2.dll
Resource
win10v2004-en-20220112
Malware Config
Extracted
C:\readme.txt
conti
http://contirec7nchr45rx6ympez5rjldibnqzh7lsa56lvjvaeywhvoj3wad.onion/LRJGK3K7QOL4vjslZNHfgF2rtwTW20Td9t6E1BDQGzftpW51Vb6xYFWvchsHF8u9
Targets
Target
bce72f157baf8064117c80e67998acc83fd27f1de64e0c9a68ad5c9209bc2bd2
Score 10/10
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Drops startup file
Sets desktop wallpaper using registry