General
Target
e475d8d45a50f22007579f49e0b79d88ea302d71f429ea1c0f2f8f76f60b9594
Size
89KB
Sample
220511-268aqsfbfq
MD5
f974efbf6b643894e4b49b45059f0356
SHA1
c7d16c92e93810d548850271090b9f2966afd45b
SHA256
e475d8d45a50f22007579f49e0b79d88ea302d71f429ea1c0f2f8f76f60b9594
SHA512
6ce76c69bf412f0e9f011cc5030fcadfe158c1ee14b73d14cd625b7aff99747817dbdd621a4773963b9fd9cdda47bd21dcca9fb508763981b7fd1300487ba692
Static task
static1
Behavioral task
behavioral1
Sample
e475d8d45a50f22007579f49e0b79d88ea302d71f429ea1c0f2f8f76f60b9594.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
e475d8d45a50f22007579f49e0b79d88ea302d71f429ea1c0f2f8f76f60b9594.dll
Resource
win10v2004-20220414-en
Malware Config
Extracted
C:\!!Read_me_How_To_Recover_My_Files.html
Targets
Target
e475d8d45a50f22007579f49e0b79d88ea302d71f429ea1c0f2f8f76f60b9594
Score
10/10
Blocklisted process makes network request
Modifies Windows Firewall
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.