General
-
Target
1d5f8c4e2cb635bb5cfb001dfd0db882b9eeea700f04a6b9cb1a934667b85368.exe
-
Size
79KB
-
Sample
220929-lpxjxaada4
-
MD5
2cd19f67df6d9e1a42e9893e3813b459
-
SHA1
308b02416b9930bfc1d3fbbef9d184dcbf5714b4
-
SHA256
1d5f8c4e2cb635bb5cfb001dfd0db882b9eeea700f04a6b9cb1a934667b85368
-
SHA512
1b77d760ba626308fd67572189821b7c97bf619495da7bd063fe35ee5eceedfe08dfbee02b9d26381b23cdab848bcad27a56632b89a702bb9cac1e5026de5304
-
SSDEEP
1536:m6UhZM4hubesrQLOJgY8ZZP8LHD4XWaNH71dLdG1iiFM2iG2zs4:ghZ5YesrQLOJgY8Zp8LHD4XWaNH71dLI
Static task
static1
Behavioral task
behavioral1
Sample
1d5f8c4e2cb635bb5cfb001dfd0db882b9eeea700f04a6b9cb1a934667b85368.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
1d5f8c4e2cb635bb5cfb001dfd0db882b9eeea700f04a6b9cb1a934667b85368.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
1d5f8c4e2cb635bb5cfb001dfd0db882b9eeea700f04a6b9cb1a934667b85368.exe
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-