General
Target
b5466ce462df16b3a29f22192b1291d70479cacf35bd5e937f35b2567da948fe
Size
169KB
Sample
220305-21fnjabcak
MD5
98562209465bec53327e65649a2b8829
SHA1
3a47656ed3df213bd934aa01078a863568fe9f2b
SHA256
b5466ce462df16b3a29f22192b1291d70479cacf35bd5e937f35b2567da948fe
SHA512
c11ce14f9cb75df2bc9bd81971c1f8fa885815715f389eb8e796e0f657de59756b36a6f896c216a03c7be7bb3ddff9b8a47aee71146760e4f4d9c6bdc0ff2cc3
Static task
static1
Behavioral task
behavioral1
Sample
b5466ce462df16b3a29f22192b1291d70479cacf35bd5e937f35b2567da948fe.exe
Resource
win7-20220223-en
Behavioral task
behavioral2
Sample
b5466ce462df16b3a29f22192b1291d70479cacf35bd5e937f35b2567da948fe.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
C:\!!Read_Me.7EF1B.html
Extracted
C:\!!Read_Me.FC057.html
Targets
Target
b5466ce462df16b3a29f22192b1291d70479cacf35bd5e937f35b2567da948fe
Score
10/10
Modifies boot configuration data using bcdedit
Modifies Windows Firewall
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Deletes itself