Extracted

• • Target

    7bad3bfde268d71c7dfd13c6d62dc607427912e4106cb4247ef26f4c822fab63

  • Size

    35KB

  • MD5

    e90699a13fec55e39e444b3f5dfa98ce

  • SHA1

    76283d6c1eea982096fa168b138772094c812474

  • SHA256

    7bad3bfde268d71c7dfd13c6d62dc607427912e4106cb4247ef26f4c822fab63

  • SHA512

    7b721c6b001c9b0c23e86e3f3a53b13cc08985f09b579e7230af695f71feb1f7b6cb348456b24cb102296da84584a8472c39417fc3275566af016ae656e2ed01

  • SSDEEP

    768:18kq7NCuaw+84Q4h99vP8jqgbMidbhvJU9nbcuyD7UI:18kq1aww5EjIidbhhU9nouy8

  Score

  10^/10

  netwalkerransomwarespywarestealerupx

  • Detected Netwalker Ransomware

    Detected unpacked Netwalker executable.

  • Netwalker Ransomware

    Ransomware family with multiple versions. Also known as MailTo.

    ransomwarenetwalker

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomware

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  behavioral1behavioral2