Extracted

• • Target

    cb141f7346b20cf67b80b5f05ec27fffba0e83cc74b33c091a01c96f27a2a514

  • Size

    3.9MB

  • MD5

    be9f805802cbb981a2985a642db21f0b

  • SHA1

    fcb7cf1d4026ca4cc9a6c040404da65f1d9b7a63

  • SHA256

    cb141f7346b20cf67b80b5f05ec27fffba0e83cc74b33c091a01c96f27a2a514

  • SHA512

    a4b544f58cc6d964994a60c17e44c584ffe027a73be85d21207bb85fccbcb3fb29d2269e8a5eeb2cf571c17f3a540aed79ad83e5fb170bc9d1526b5a04ced385

  Score

  10^/10

  ransomwarespywarestealer

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomware

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  behavioral1behavioral2