General
-
Target
28b4e5564f649207005d68f8a208a1d3517a1065d8a20503d6166342319567e7
-
Size
7KB
-
Sample
221027-vh3a9achhq
-
MD5
67bb8a3330bb6436c8d0fc4261415204
-
SHA1
a7b324d839283c1f25c95bd8a55df002a73867ca
-
SHA256
28b4e5564f649207005d68f8a208a1d3517a1065d8a20503d6166342319567e7
-
SHA512
631bdd40549435a3c7b71d8b2163fa90fdb2e2e51f31981d711e491fad08566a03ae8dd06db031265234c5a5e82f0fcbd0edd6ba27b420d9b2bd260b5a820969
-
SSDEEP
96:YFZhl8wdS+r3yOYW189fTwUVF0CWHyjk8P1LOmjXfihExn0OrZB7LclNVAxp97pF:Szdrr1FG1WDCgmjPZnTVtc2vRqMUA
Behavioral task
behavioral1
Sample
28b4e5564f649207005d68f8a208a1d3517a1065d8a20503d6166342319567e7.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
28b4e5564f649207005d68f8a208a1d3517a1065d8a20503d6166342319567e7.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
28b4e5564f649207005d68f8a208a1d3517a1065d8a20503d6166342319567e7
-
Score
10/10
-
Detected Xorist Ransomware
-
Drops file in Drivers directory
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-
Adds Run key to start application
-
Drops file in System32 directory
-