General
-
Target
26dd7e5586e14c19b2e691249222f761f49dbed6b4a418f5c01f324848047040
-
Size
212KB
-
Sample
220616-hvbmvagacp
-
MD5
85181bc7f85b197b6128031a2781dd08
-
SHA1
750160b2d1a83e743bb06584bad158b0bb4ef426
-
SHA256
26dd7e5586e14c19b2e691249222f761f49dbed6b4a418f5c01f324848047040
-
SHA512
ac51fd25bf4ff5f41ce503d65dbcd9c1f4b9a078393bacb3a619b030e1014ec73ff75ec1cd456a6d28a4f09307c01cd744621edc5aa7d4f6c9f1cee4d2acd741
Static task
static1
Behavioral task
behavioral1
Sample
26dd7e5586e14c19b2e691249222f761f49dbed6b4a418f5c01f324848047040.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
26dd7e5586e14c19b2e691249222f761f49dbed6b4a418f5c01f324848047040.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
26dd7e5586e14c19b2e691249222f761f49dbed6b4a418f5c01f324848047040
-
Size
212KB
-
MD5
85181bc7f85b197b6128031a2781dd08
-
SHA1
750160b2d1a83e743bb06584bad158b0bb4ef426
-
SHA256
26dd7e5586e14c19b2e691249222f761f49dbed6b4a418f5c01f324848047040
-
SHA512
ac51fd25bf4ff5f41ce503d65dbcd9c1f4b9a078393bacb3a619b030e1014ec73ff75ec1cd456a6d28a4f09307c01cd744621edc5aa7d4f6c9f1cee4d2acd741
Score10/10-
suricata: ET MALWARE Locky CnC Checkin HTTP Pattern
suricata: ET MALWARE Locky CnC Checkin HTTP Pattern
-
suricata: ET MALWARE Locky CnC checkin Nov 21 M2
suricata: ET MALWARE Locky CnC checkin Nov 21 M2
-
suricata: ET MALWARE Possible Zeus GameOver/FluBot Related DGA NXDOMAIN Responses
suricata: ET MALWARE Possible Zeus GameOver/FluBot Related DGA NXDOMAIN Responses
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Loads dropped DLL
-
Adds Run key to start application
-
Sets desktop wallpaper using registry
-
Suspicious use of SetThreadContext
-