General
Target: d016bf6e8ee34476729a5d7a8d33f068344ccb39141f3091663c269a6341d9f7
Size: 7KB
Sample: 221014-d3t2yaeeg9
MD5: 41084ab3be6d49c1483b0b192de7f636
SHA1: d67312b7e4e6c0c127b12ca1bda92a8c7ad7c6c6
SHA256: d016bf6e8ee34476729a5d7a8d33f068344ccb39141f3091663c269a6341d9f7
SHA512: 7abe0cc4a5b8c5ddec7f57179b08bdef48b2bc6a2ef1bc1297c5c972c76fffdad8f389c11bb0b12db2c5aedfed643e668cd2e9ed37ee634a799491a6e0e53ef1
SSDEEP: 192:0zdrr1FG1WDCgmjPZFeLzdtPJftSGMUA:0prr1gkDCgSaTFtnMB
Behavioral task: behavioral1
Sample: d016bf6e8ee34476729a5d7a8d33f068344ccb39141f3091663c269a6341d9f7.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: d016bf6e8ee34476729a5d7a8d33f068344ccb39141f3091663c269a6341d9f7.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: d016bf6e8ee34476729a5d7a8d33f068344ccb39141f3091663c269a6341d9f7
Score: 10/10
Detected Xorist Ransomware
Drops file in Drivers directory
Modifies extensions of user files
    Ransomware generally changes the extension on encrypted files.
Drops startup file
Adds Run key to start application
Drops file in System32 directory