Extracted

• • Target

    efa0d4a79c4c971c680ef8020bb526b07a13061f4eb68ee6f5af9e42c6364bd8

  • Size

    1.1MB

  • MD5

    9f9c2bdf45f6a9940555fd1f009701ac

  • SHA1

    bd5b31a61969f10bada83618b27af8f3edf1cfc4

  • SHA256

    efa0d4a79c4c971c680ef8020bb526b07a13061f4eb68ee6f5af9e42c6364bd8

  • SHA512

    afaad1c71f2fd02b9c4641f640a0d39f07a4578b3f2f598be8626345eccde46290335e3c1fbc46a9c68a84640f8da012bc84c957b049f051860d4c0058007443

  Score

  10^/10

  contiransomwarespywarestealer

  • Conti Ransomware

    Ransomware generally thought to be a successor to Ryuk.

    ransomwareconti

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Drops desktop.ini file(s)

  behavioral1behavioral2