General
Target: 24a4df1511342b047b2f277ed0c665cf78291ee663a25864c49c933f71f870ef
Size: 977KB
Sample: 220611-1htxrshddp
MD5: 2e19edf11c788a15e87e78a37ff1fa28
SHA1: 7ca160ddb25a3b9fe712e2170edeeba10633ca27
SHA256: 24a4df1511342b047b2f277ed0c665cf78291ee663a25864c49c933f71f870ef
SHA512: 94f3b405f7a27115dd238984645cd0370266a534dd4e6da5fd6ecd2aa46eca52f41e1cd2da1010200eb8cd2415b3808b0ae047df595a36afdfd17479b15b59e3
Behavioral task: behavioral1
Sample: Scan643.scr
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: Scan643.scr
Resource: win10v2004-20220414-en
Malware Config
Extracted
C:\README1.txt through C:\README10.txt (the same values were extracted from each of the ten files)
novikov.vavila@gmail.com
http://cryptsen7fo43rr6.onion/
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Targets
Target: Scan643.scr
Size: 1.2MB
MD5: 3c541358dc98a280d2b2f1c68c5cdc39
SHA1: cee3652559504d6c5e5a65a85b6312f2888eb52c
SHA256: b5a7031c0c73c41be82e234312f467ce9d2af244fd71dda4d3e54a8616224ce5
SHA512: d0d742523014c6f224524ef0bd65c7ee34e94250134c8bbf4cc3ba4c1242cfd7a6a4db8c692c72ce437a2834d93f74aac5386a6ec21d512ef1d1c594a6e8ed28
Score: 10/10
Adds Run key to start application
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.