General
Target: Trojan-Ransom.Win32.Blocker.jagv-b03bb927939f131374b0d50749e9dbd072bb8a9530edfb6299d12ea4e6961c4b
Size: 355KB
Sample: 221107-f8btnaafc5
MD5: 71eed7dfc7bfe7cbbddd4e290a88864e
SHA1: f4d50de36ea97623d1280e48af171fc21b7be366
SHA256: b03bb927939f131374b0d50749e9dbd072bb8a9530edfb6299d12ea4e6961c4b
SHA512: bf214884f40a1795075d8c0207b60904324dc2291dccf7f500d4524a438c32aa5116c6040a0223f91028d70e2bdf9412bef8e278e310565bb56aadc3692e30ab
SSDEEP: 6144:lvIj8N0oK0zah0g9OoK0zat8GzwzkIXfYnPgtaNpoK0zat8GzwXgvaK:lQjeK0gRK0qjIQn+K0q/yK
Behavioral task: behavioral1
Sample: Trojan-Ransom.Win32.Blocker.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: Trojan-Ransom.Win32.Blocker.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: Trojan-Ransom.Win32.Blocker.jagv-b03bb927939f131374b0d50749e9dbd072bb8a9530edfb6299d12ea4e6961c4b
Score: 10/10
Modifies system executable filetype association
Drops file in Drivers directory
Sets service image path in registry
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.