General
-
Target
1d1776e59c29907f9ac3d35e9c73ae42ff9a19c00163b16f377bff4e6c829f29.exe
-
Size
15.1MB
-
Sample
221016-sz14eahfen
-
MD5
9b253189fd669b4a178c76e9242e7a55
-
SHA1
ddae001eb03e8dc01866e791cb6923a2dcc8577b
-
SHA256
1d1776e59c29907f9ac3d35e9c73ae42ff9a19c00163b16f377bff4e6c829f29
-
SHA512
30746f1643906c54a5e55a014a404be9bdcbaf95a089d04c724d44eba9884af2618fc6b4b532ce41221a063a2c448d9a00324864c63464617ab1937b09a1824f
-
SSDEEP
98304:NLu1g9ZGlWrfTZmHqXE9ssD/QjI+1ozfLu1TIRtUOVU2ZZzRTC0rBC3FO:Nd9JTZksaJ+1orTRt9FTC0rBC3s
Malware Config
Targets
-
-
Target
1d1776e59c29907f9ac3d35e9c73ae42ff9a19c00163b16f377bff4e6c829f29.exe
-
Size
15.1MB
-
MD5
9b253189fd669b4a178c76e9242e7a55
-
SHA1
ddae001eb03e8dc01866e791cb6923a2dcc8577b
-
SHA256
1d1776e59c29907f9ac3d35e9c73ae42ff9a19c00163b16f377bff4e6c829f29
-
SHA512
30746f1643906c54a5e55a014a404be9bdcbaf95a089d04c724d44eba9884af2618fc6b4b532ce41221a063a2c448d9a00324864c63464617ab1937b09a1824f
-
SSDEEP
98304:NLu1g9ZGlWrfTZmHqXE9ssD/QjI+1ozfLu1TIRtUOVU2ZZzRTC0rBC3FO:Nd9JTZksaJ+1orTRt9FTC0rBC3s
Score9/10-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-