General
-
Target
22CE389E63E27EB9AF106D70BEF9AF17.exe
-
Size
1.5MB
-
Sample
220411-yswg8shfhm
-
MD5
22ce389e63e27eb9af106d70bef9af17
-
SHA1
6f9187f33e079255d838b8dc31c09e58c6529727
-
SHA256
d6ce2ac21b152bdace29cd88f53a8b7c5c0e78e4f49905d0ffe61e44e22966dc
-
SHA512
80e1b6f4b1cef5d1054897cf6940f76fe1aecb105c31fa43500390c168408f01a5a33d11750bd5e2fa02fa4962a5b43254c5adf19b87744ed08ca8e62520130b
Malware Config
Targets
-
-
Target
22CE389E63E27EB9AF106D70BEF9AF17.exe
-
Size
1.5MB
-
MD5
22ce389e63e27eb9af106d70bef9af17
-
SHA1
6f9187f33e079255d838b8dc31c09e58c6529727
-
SHA256
d6ce2ac21b152bdace29cd88f53a8b7c5c0e78e4f49905d0ffe61e44e22966dc
-
SHA512
80e1b6f4b1cef5d1054897cf6940f76fe1aecb105c31fa43500390c168408f01a5a33d11750bd5e2fa02fa4962a5b43254c5adf19b87744ed08ca8e62520130b
Score10/10-
DMA Locker
Ransomware family with some advanced features, like encryption of unmapped network shares.
-
HawkEye
HawkEye is a malware kit that has seen continuous development since at least 2013.
-
Locky
Ransomware strain released in 2016, with advanced features like anti-analysis.
-
Locky (Osiris variant)
Variant of the Locky ransomware seen in the wild since early 2017.
-
Modifies system executable filetype association
-
Wannacry
WannaCry is a ransomware cryptoworm.
-
Adds policy Run key to start application
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Drops startup file
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-