General
-
Target
fca8d48afa7e5535fb71fd22225e86602d47dcfa5a4924fcbc33aecd9c945847
-
Size
158KB
-
Sample
220304-sj455agfhl
-
MD5
4db7ef3cf6080d5e24b98a8581d32bef
-
SHA1
00ff8c9e268188ae0e0ab8622c141774448cee67
-
SHA256
fca8d48afa7e5535fb71fd22225e86602d47dcfa5a4924fcbc33aecd9c945847
-
SHA512
a626b8191d6326273c15008ce6f23bf31c815da7b843068149d094049197f0395d605ac10bb2c37ad1912e7e0f1f9d5c31894f614255ce45a1005cfb0f15c94c
Static task
static1
Behavioral task
behavioral1
Sample
fca8d48afa7e5535fb71fd22225e86602d47dcfa5a4924fcbc33aecd9c945847.dll
Resource
win7-20220223-en
Behavioral task
behavioral2
Sample
fca8d48afa7e5535fb71fd22225e86602d47dcfa5a4924fcbc33aecd9c945847.dll
Resource
win10v2004-en-20220112
Malware Config
Extracted
C:\readme.txt
conti
http://contirec7nchr45rx6ympez5rjldibnqzh7lsa56lvjvaeywhvoj3wad.onion/wHUMNAhqn0BRlXDVwazaoC1e7OBRqvYe8iOyTn7MaoVFQo9qxTKGpjbY6A9u4jPD
Targets
-
-
Target
fca8d48afa7e5535fb71fd22225e86602d47dcfa5a4924fcbc33aecd9c945847
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-
Sets desktop wallpaper using registry
-