Extracted

• • Target

    ransom.exe

  • Size

    185KB

  • MD5

    3a3001ecddb08440a659d49e4e29a697

  • SHA1

    124d9ce50a4b0dfa0b150b44c77c85cd2589148c

  • SHA256

    64f1a2e5f52292fba8f64a851c466d558f1607cac783f30015f6df9e0dbce1c5

  • SHA512

    5b08e11eded00c94995c7d1d3e3ad195461dbe978618cdc638099dec8d52d39874b48cdfd4798ad82d3f3dc5cfaa4b5196c127c51a77779e20d6558a46f3275f

  Score

  10^/10

  contiransomwarespywarestealer

  • Conti Ransomware

    Ransomware generally thought to be a successor to Ryuk.

    ransomwareconti

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Drops desktop.ini file(s)

  behavioral1