General
-
Target
ce1b33b403f8aba22a52ef56066d7c9828737a17073dfaf1d421a6da83ee1f9d
-
Size
1.2MB
-
Sample
221018-fm8w9seggr
-
MD5
54e7596c05f8704ff591569fc074380f
-
SHA1
845dce475e9a1ff725dd653cd2bb52f0c11272e9
-
SHA256
ce1b33b403f8aba22a52ef56066d7c9828737a17073dfaf1d421a6da83ee1f9d
-
SHA512
64cd35c3d13b7c7de71e00d08b70133861495b7578b3fa15c41151511b8dc64194bf6dea755ff313615beb5104c2b757b0321f6670ffc085afe23b941c42f35e
-
SSDEEP
24576:lKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKN7ChBWMQ+uSJJd3:JjLuSh3
Malware Config
Targets
-
-
Target
ce1b33b403f8aba22a52ef56066d7c9828737a17073dfaf1d421a6da83ee1f9d
-
Size
1.2MB
-
MD5
54e7596c05f8704ff591569fc074380f
-
SHA1
845dce475e9a1ff725dd653cd2bb52f0c11272e9
-
SHA256
ce1b33b403f8aba22a52ef56066d7c9828737a17073dfaf1d421a6da83ee1f9d
-
SHA512
64cd35c3d13b7c7de71e00d08b70133861495b7578b3fa15c41151511b8dc64194bf6dea755ff313615beb5104c2b757b0321f6670ffc085afe23b941c42f35e
-
SSDEEP
24576:lKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKN7ChBWMQ+uSJJd3:JjLuSh3
Score9/10-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-