General
-
Target
83addebd5cb39a678a7900bfdf46c0166d2ab9036f90152391cd9f51d18b63a2
-
Size
15.0MB
-
Sample
221015-eamb3afbgj
-
MD5
0ce864dc7c370c4f65b60c846ed19200
-
SHA1
7796687e1eb14307c18bd52e5dc3d3c31785823f
-
SHA256
83addebd5cb39a678a7900bfdf46c0166d2ab9036f90152391cd9f51d18b63a2
-
SHA512
1cd84f64f9c181f55fc03476efcd14f8fe313e789f6b34fe8b6dc339df6a8776190478fde2b9a2559112085f668b61d9f670f8a543a4411701a8e07b99f5cc0e
-
SSDEEP
98304:yLu1g9ZGlWrfTZmHqXE9ssD/QjI+1ozfLu1TIRtUOVcl7x+oZHcV4i/kgE7/FG4V:yd9JTZksaJ+1orTRtwGfLg3FTC0rBC3s
Malware Config
Targets
-
-
Target
83addebd5cb39a678a7900bfdf46c0166d2ab9036f90152391cd9f51d18b63a2
-
Size
15.0MB
-
MD5
0ce864dc7c370c4f65b60c846ed19200
-
SHA1
7796687e1eb14307c18bd52e5dc3d3c31785823f
-
SHA256
83addebd5cb39a678a7900bfdf46c0166d2ab9036f90152391cd9f51d18b63a2
-
SHA512
1cd84f64f9c181f55fc03476efcd14f8fe313e789f6b34fe8b6dc339df6a8776190478fde2b9a2559112085f668b61d9f670f8a543a4411701a8e07b99f5cc0e
-
SSDEEP
98304:yLu1g9ZGlWrfTZmHqXE9ssD/QjI+1ozfLu1TIRtUOVcl7x+oZHcV4i/kgE7/FG4V:yd9JTZksaJ+1orTRtwGfLg3FTC0rBC3s
Score9/10-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-