General
-
Target
7a5e20e021dc29a07cad61f4d0bdb98e22749f13c3ace58220bfe978908bb7e9.exe
-
Size
379KB
-
Sample
220418-y9cfpahad5
-
MD5
5a44e1d5691ec9395281123ea0bd501f
-
SHA1
64566d5049479227d2eff3d983b127c0339974cd
-
SHA256
7a5e20e021dc29a07cad61f4d0bdb98e22749f13c3ace58220bfe978908bb7e9
-
SHA512
55d85e77f70f25bae6cf8bbf5dd787d5771c2e38e99461b608f6375be9cb0b1031f3c0268b82eb03db05eb88ce37d5f37afbfc69ab0c4f90791a706013b168c8
Static task
static1
Behavioral task
behavioral1
Sample
7a5e20e021dc29a07cad61f4d0bdb98e22749f13c3ace58220bfe978908bb7e9.exe
Resource
win10-20220414-en
Malware Config
Extracted
C:\Documents and Settings\WANNA_RECOVER_KOXIC_FILEZ_NOLUQ.txt
Targets
-
-
Target
7a5e20e021dc29a07cad61f4d0bdb98e22749f13c3ace58220bfe978908bb7e9.exe
-
Size
379KB
-
MD5
5a44e1d5691ec9395281123ea0bd501f
-
SHA1
64566d5049479227d2eff3d983b127c0339974cd
-
SHA256
7a5e20e021dc29a07cad61f4d0bdb98e22749f13c3ace58220bfe978908bb7e9
-
SHA512
55d85e77f70f25bae6cf8bbf5dd787d5771c2e38e99461b608f6375be9cb0b1031f3c0268b82eb03db05eb88ce37d5f37afbfc69ab0c4f90791a706013b168c8
Score10/10-
Disables taskbar notifications via registry modification
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-