General
-
Target
texi64.bin.zip
-
Size
158KB
-
Sample
220506-sg6aeaaae5
-
MD5
e2b253a754429df3aba20e6392f083e9
-
SHA1
b96339861a8784336b812131395307b314fdb0b1
-
SHA256
99a14d455baa06e9f30d34d73509ce6bdadeb66cc96b94cfd3f06ff80d07300d
-
SHA512
996162a2e949bb93e70383731614193631e762da5af4bda9eb7e6dfe65a97b34f293ce145a3b451d3fbc5240982fd7d755a8fce240901498f4a9a95a6bb55d6a
Static task
static1
Behavioral task
behavioral1
Sample
texi64.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
texi64.dll
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
texi64.bin
-
Size
280KB
-
MD5
f2b8daf9be5866844bb5f1a860d4433f
-
SHA1
6097602f35245926bdcbffcd86ef6f67b2af7bd8
-
SHA256
e4756dc21114c9de523af307992382dfd0fc0cf7ccf19d5351998c498561ca20
-
SHA512
b26d90b64bea4b7177d83498efb58d42902e4cc76e9386fd6be6040a5b17d28ed1093b769a4728cfa1e0fdb756c8238a1b8914379b161bf8d6b1f51324a4b73a
Score8/10-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Deletes itself
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-