General
-
Target
1f1f7961cf583e6644eba26fb9727be8d091dc3754c9a8030c26b0b73f07e5a3
-
Size
589KB
-
Sample
220612-xl893sgag9
-
MD5
e43244db36895d6a28850d3408d80f45
-
SHA1
86ef0edf0a3f2f3edf4192fdd3addedda48945c9
-
SHA256
1f1f7961cf583e6644eba26fb9727be8d091dc3754c9a8030c26b0b73f07e5a3
-
SHA512
d55ae92112dccbc515e4b9790bf7470304ae9fe3c50d200d31ba91ebbf1870f15978cdb622b0b51c126656865e5c947a201cffae337f058c8783a58813286004
Static task
static1
Behavioral task
behavioral1
Sample
1f1f7961cf583e6644eba26fb9727be8d091dc3754c9a8030c26b0b73f07e5a3.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
1f1f7961cf583e6644eba26fb9727be8d091dc3754c9a8030c26b0b73f07e5a3.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
1f1f7961cf583e6644eba26fb9727be8d091dc3754c9a8030c26b0b73f07e5a3
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Deletes itself
-
Adds Run key to start application
-
Sets desktop wallpaper using registry
-