General
Target: 63d887d8e0404ccc73aa5e77c21ab9379d779d8da1faf8debf4b8d34100ae9dc
Size: 8KB
Sample: 221013-sjzweaafhr
MD5: 060e10b04227a593886c4cd0928a3bf2
SHA1: 054f9db834e37459f10b83f56691a5d6e7f28334
SHA256: 63d887d8e0404ccc73aa5e77c21ab9379d779d8da1faf8debf4b8d34100ae9dc
SHA512: dfaffc84c27b4cbfcd42e614a1f28088e3302b65212008aceea30c4f9803ae31f88a00d1b3de17e5b4f42bcbbe096f7a8eee4f431746b9751b999b6c161bd5e1
SSDEEP: 192:Dzdrr1FG1WDCgmjPZpintNGXqpze5rXoUA:Dprr1gkDCgSan/GXqI5rXoB
Behavioral task
behavioral1
Sample
63d887d8e0404ccc73aa5e77c21ab9379d779d8da1faf8debf4b8d34100ae9dc.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
63d887d8e0404ccc73aa5e77c21ab9379d779d8da1faf8debf4b8d34100ae9dc.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Score: 10/10
Detected Xorist Ransomware
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Drops startup file
Adds Run key to start application