Extracted

• • Target

    24ac73821de77cc9644d2ac40e97067ff63f625b5f20e085ad10535e47d7db59.exe

  • Size

    1.0MB

  • MD5

    42800d065e5855e261cc617fa688850f

  • SHA1

    6c7b35e36830c1cc613fb08280ee25e5fbba9937

  • SHA256

    24ac73821de77cc9644d2ac40e97067ff63f625b5f20e085ad10535e47d7db59

  • SHA512

    9e6e09aa81666c491058773b312d2c3178c4d6d6d295c455e8ad40f186f2081a6cc3b00e6a9eeefd66a806e05019d496cb2d54e2dcf45cc6b63ab7d55f9c2154

  Score

  10^/10

  contiransomwarespywarestealer

  • Conti Ransomware

    Ransomware generally thought to be a successor to Ryuk.

    ransomwareconti

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Drops desktop.ini file(s)

  behavioral1behavioral2