General
Target: ae7c868713e1d02b4db60128c651eb1e3f6a33c02544cc4cb57c3aa6c6581b6e.zip
Size: 264KB
Sample: 220521-jw6eaaecbj
MD5: a742bb651e4ed4a80b5ad06fe67273fa
SHA1: 28030c2851f7ec09d2852c0cd716922690b26470
SHA256: 817f8a462a1df530c1b9491135c3257bb95bb28c4923918368220100ac0034af
SHA512: 1148a07c653ec726d20efe66580b121893225c4e75d12f7f0eacc0264d18078908690e929ea21908b303292e0f6c8e5c9ca84876e01a93708e43bb25f0a65034
Static task: static1
Behavioral task: behavioral1
Sample: ae7c868713e1d02b4db60128c651eb1e3f6a33c02544cc4cb57c3aa6c6581b6e.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: ae7c868713e1d02b4db60128c651eb1e3f6a33c02544cc4cb57c3aa6c6581b6e.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
C:\readme.txt
https://aazsbsgya565vlu2c6bzy6yfiebkcbtvvcytvolt33s77xypi7nypxyd.onion:80/
Targets
Target: ae7c868713e1d02b4db60128c651eb1e3f6a33c02544cc4cb57c3aa6c6581b6e.exe
Size: 543KB
MD5: 53fdeb923b1890d29b8f29da77995938
SHA1: a996ccd0d58125bf299e89f4c03ff37afdab33fc
SHA256: ae7c868713e1d02b4db60128c651eb1e3f6a33c02544cc4cb57c3aa6c6581b6e
SHA512: 7c78e880f3d2dfc163625ff3d0b4676aa6a083dbbeac270520679f6b21d1c449c5af720ca7b9a68b5b3309e2de8d586cfed5d9b3a78d006e6d981a1aaf88c535
Score: 10/10
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Sets desktop wallpaper using registry