nefilim | 56079f3294f7d1e2b24c420d14d0562b25dd14857bac7c12ff57736b897b7d33 | Triage

Submit
Reports

Overview

overview

Static

static

fb3f622cf5...e7.exe

windows7-x64

fb3f622cf5...e7.exe

windows10-2004-x64

Sharing

General

Target

fb3f622cf5557364a0a3abacc3e9acf399b3631bf3630acb8132514c486751e7.zip
Size

1.8MB
Sample

221006-vzx3vsaae4
MD5

2e9e2aa69cce81543c32f7b7a1901304
SHA1

7b0f370a029e660268a3a36ac0668ea2138ab40b
SHA256

56079f3294f7d1e2b24c420d14d0562b25dd14857bac7c12ff57736b897b7d33
SHA512

81ae25583033ee687680f74118418141295e5eee023ee91d4517de1b18f916d7459b8543fd238cce26f386ab3d80327bb730184396d5160071fac725322e2777
SSDEEP

49152:HwJCYDsKnpDurRjkg5sccmv7y7fRmsrpsoIIRlfridU9:H+XnIrR4VbR/psGzuq

Score

10^/10

nefilim ransomware

Static task

static1

Behavioral task

behavioral1

Sample

fb3f622cf5557364a0a3abacc3e9acf399b3631bf3630acb8132514c486751e7.exe

Resource

win7-20220812-en

nefilim ransomware

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

fb3f622cf5557364a0a3abacc3e9acf399b3631bf3630acb8132514c486751e7.exe

Resource

win10v2004-20220812-en

nefilim ransomware

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  fb3f622cf5557364a0a3abacc3e9acf399b3631bf3630acb8132514c486751e7.exe
- Size
  
  3.3MB
- MD5
  
  68bb371accb1bc914675c0ab626a9019
- SHA1
  
  802a5fc4f1fdfae4a8cf99a4544c191641f9bceb
- SHA256
  
  fb3f622cf5557364a0a3abacc3e9acf399b3631bf3630acb8132514c486751e7
- SHA512
  
  d72af358decda2f2caf1a7f1f6d83d457e0c6156753362a9ae1d3118dbb7706acff019be160028045ca2d22281fae4abf0ffdb6f27680cade0ade634e42bf84f
- SSDEEP
  
  49152:Nr9+Z4T+qn3bYXIFgY7LUvRL5PXwTvewrPiRnmUf:59+Z0nnFTUXCb
Score

10^/10

nefilim ransomware
- Nefilim
  Ransomware first seen in early 2020 which shares code with the Nemty family. Rewritten in Golang in July 2020.
  ransomware nefilim
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

nefilimransomware

behavioral2

nefilimransomware

© 2018-2024

Terms | Privacy