Extracted

• • Target

    10b9b1d8f6bafd9bb57ccfb1da4a658f10207d566781fa5fb3c4394d283e860e.bin.sample

  • Size

    21KB

  • MD5

    a60c5212d52fe1488d2f82989a2947d2

  • SHA1

    0a744d6c76902d28eb6687d66c18b0a354f29b9d

  • SHA256

    10b9b1d8f6bafd9bb57ccfb1da4a658f10207d566781fa5fb3c4394d283e860e

  • SHA512

    afd14daa5bd9448e09f25d561e8be34e16f93a2825129d165e817a4a2a3ffc339efefd6f26e78c4853acfbce7f51c88b81601324b123d8c377d72da15dcf9327

  Score

  10^/10

  magniberransomware

  • Magniber Ransomware

    Ransomware family widely seen in Asia being distributed by the Magnitude exploit kit.

    ransomwaremagniber

  • Process spawned unexpected child process

    This typically indicates the parent process was compromised via an exploit or macro.

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomware

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2