General
-
Target
98272CADA9CAF84C31D70FDC3705E95EF73CB4A5C507E2CF3CAEE1893A7A6F63.bin
-
Size
700KB
-
Sample
220726-qevpsadbh7
-
MD5
46a1325bb01e37e0ee2d2ba37db257f2
-
SHA1
fde5f666007cdb1fd1dddd2fefbed916992e9e65
-
SHA256
98272cada9caf84c31d70fdc3705e95ef73cb4a5c507e2cf3caee1893a7a6f63
-
SHA512
2244ad1c7cc1814d0ca2a646ad1d158fef6a269bfcaa327d46400c6ab7edb595b1c47393cfcbb9b15c6f748f50515a4da397733972198453822b03757861ff72
Behavioral task
behavioral1
Sample
98272CADA9CAF84C31D70FDC3705E95EF73CB4A5C507E2CF3CAEE1893A7A6F63.exe
Resource
win7-20220715-en
Behavioral task
behavioral2
Sample
98272CADA9CAF84C31D70FDC3705E95EF73CB4A5C507E2CF3CAEE1893A7A6F63.exe
Resource
win10-20220414-en
Behavioral task
behavioral3
Sample
98272CADA9CAF84C31D70FDC3705E95EF73CB4A5C507E2CF3CAEE1893A7A6F63.exe
Resource
win10v2004-20220722-en
Malware Config
Extracted
C:\Recovery\99860222-0484-11ed-bcd8-ba0b3c5a7892\README.txt
darkside
22eb687475f2c5ca30b@protonmail.com
Targets
-
-
Target
98272CADA9CAF84C31D70FDC3705E95EF73CB4A5C507E2CF3CAEE1893A7A6F63.bin
-
Score
10/10
-
DarkSide
Targeted ransomware first seen in August 2020. Operators steal data to use as leverage.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-