General
-
Target
3719e20518b39d97f758f1bd158d73a7e36cf87b5a9a7feb670fefbe1b6877cc.exe
-
Size
7.8MB
-
Sample
221016-sttr5shfdr
-
MD5
95f4187c8d2c66a9730f90bc4188738e
-
SHA1
7ba5e5aa01455425d47734951b45236391e1e628
-
SHA256
3719e20518b39d97f758f1bd158d73a7e36cf87b5a9a7feb670fefbe1b6877cc
-
SHA512
a183b9988a0fb7294fe28bf996845844645258dca27acae8274770e9b78c9ee918ad3328fe39f9da658e27d9df9a1df78781269eef8dbe10599cb7984df8b81a
-
SSDEEP
98304:BLu1g9ZGlWrfTZmHqXE9ssD/QjI+1ozfLu1TIRtUOV5ZbOV5Z:Bd9JTZksaJ+1orTRt
Malware Config
Targets
-
-
Target
3719e20518b39d97f758f1bd158d73a7e36cf87b5a9a7feb670fefbe1b6877cc.exe
-
Size
7.8MB
-
MD5
95f4187c8d2c66a9730f90bc4188738e
-
SHA1
7ba5e5aa01455425d47734951b45236391e1e628
-
SHA256
3719e20518b39d97f758f1bd158d73a7e36cf87b5a9a7feb670fefbe1b6877cc
-
SHA512
a183b9988a0fb7294fe28bf996845844645258dca27acae8274770e9b78c9ee918ad3328fe39f9da658e27d9df9a1df78781269eef8dbe10599cb7984df8b81a
-
SSDEEP
98304:BLu1g9ZGlWrfTZmHqXE9ssD/QjI+1ozfLu1TIRtUOV5ZbOV5Z:Bd9JTZksaJ+1orTRt
Score9/10-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-