General
-
Target
d7439836f8d815eb5d6ad8e7fc735ba194f029711883bebc225f70e0ce0ae2eb
-
Size
186KB
-
Sample
220628-wy6t2sbdgr
-
MD5
264f16260d200d0501cf83220ed9a30a
-
SHA1
e180fb8857825be29e05bdb73cb8a1ac13a67d12
-
SHA256
d7439836f8d815eb5d6ad8e7fc735ba194f029711883bebc225f70e0ce0ae2eb
-
SHA512
a37c957437252a6765739371048e86da369ee7177a4f495ef86813e58b05d5dbba2327552740fabae69e8fbe6d45149483c9b1cfcb87761b92697629a3047091
Static task
static1
Behavioral task
behavioral1
Sample
d7439836f8d815eb5d6ad8e7fc735ba194f029711883bebc225f70e0ce0ae2eb.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
d7439836f8d815eb5d6ad8e7fc735ba194f029711883bebc225f70e0ce0ae2eb.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
d7439836f8d815eb5d6ad8e7fc735ba194f029711883bebc225f70e0ce0ae2eb
-
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Deletes itself
-
Loads dropped DLL
-
Sets desktop wallpaper using registry
-
Suspicious use of SetThreadContext
-