General
-
Target
ransomware
-
Size
117KB
-
Sample
220525-s68rtsfeep
-
MD5
bced4f87dbacf3f37886e2e08d933b11
-
SHA1
d685d1a46456d4c47099b1b25d4a84ec96dcd612
-
SHA256
cc1e56d32ad111cff31ecf7a53efeeaedfaa2d93ed5f85c8085b56be7643e01a
-
SHA512
410097c11a568194c5d121a8ea26184c0bf7a3a8fe3a53a27acca9013eac37b7a2da23747f3035d7d087314941755a6ecd514dd9416284e079dccf8a0448dfc8
Static task
static1
Behavioral task
behavioral1
Sample
ransomware.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
ransomware.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
ransomware
-
Size
117KB
-
MD5
bced4f87dbacf3f37886e2e08d933b11
-
SHA1
d685d1a46456d4c47099b1b25d4a84ec96dcd612
-
SHA256
cc1e56d32ad111cff31ecf7a53efeeaedfaa2d93ed5f85c8085b56be7643e01a
-
SHA512
410097c11a568194c5d121a8ea26184c0bf7a3a8fe3a53a27acca9013eac37b7a2da23747f3035d7d087314941755a6ecd514dd9416284e079dccf8a0448dfc8
Score9/10-
Disables Task Manager via registry modification
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-