General
Target: HEUR-Trojan.MSIL.Diztakun.gen-47f5c7a0c27b925d9c1513ac73eecab3953327beda396fea0b2bbbe15467cb90.exe
Size: 218KB
Sample: 220925-vdzdssfdg5
MD5: 325229663face78b4494f54eb2c77524
SHA1: 00d64f749b359ec6d304cbd918118755762ddaa5
SHA256: 47f5c7a0c27b925d9c1513ac73eecab3953327beda396fea0b2bbbe15467cb90
SHA512: 83fc59059ed4a03ae0b7b592d4b5fa15bc70180a5a792ad8f8b68c2d0c42556ea1f257e38aab2229dd640aced588998460ffea75c02243d61b477bce74c1f5d0
SSDEEP: 6144:aZSNIPmoXWBoqiNab5jYDy375Qvq5ybpaJDr:hiPyBj5jGy3FkNwJv
Static task: static1
Behavioral task: behavioral1
Sample: HEUR-Trojan.MSIL.Diztakun.gen-47f5c7a0c27b925d9c1513ac73eecab3953327beda396fea0b2bbbe15467cb90.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: HEUR-Trojan.MSIL.Diztakun.gen-47f5c7a0c27b925d9c1513ac73eecab3953327beda396fea0b2bbbe15467cb90.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: HEUR-Trojan.MSIL.Diztakun.gen-47f5c7a0c27b925d9c1513ac73eecab3953327beda396fea0b2bbbe15467cb90.exe
Score: 10/10
- Modifies WinLogon for persistence
- Disables Task Manager via registry modification
- Modifies extensions of user files: Ransomware generally changes the extension on encrypted files.
- Drops desktop.ini file(s)
- Sets desktop wallpaper using registry