General
-
Target
b00be4dda45f8670b0e65d37cc7770fa791d869c7e567ea316d84d16283f8009
-
Size
669KB
-
Sample
221110-hs7bqsheej
-
MD5
ac546514c037b432430bebc8e3884dad
-
SHA1
f4e2e0eea53546e9a2b1cf136eb8a5ce7015f06d
-
SHA256
b00be4dda45f8670b0e65d37cc7770fa791d869c7e567ea316d84d16283f8009
-
SHA512
b4f703141e1fc471df35e968977535e4b64cddebc9bba66037b259265234ed254249d9b451f0856cc902919cce77062c6242d49752dcd5e488f7c3d486bc5d99
-
SSDEEP
12288:dQA0FfTcwpBuV2UxqDmuiLZeUaoFi2XZWfGe615HhAZV8DXKD/KeX:Tuf4wTuV2Ux3uIZeUBi2Te6HWCKrKe
Behavioral task
behavioral1
Sample
b00be4dda45f8670b0e65d37cc7770fa791d869c7e567ea316d84d16283f8009.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
b00be4dda45f8670b0e65d37cc7770fa791d869c7e567ea316d84d16283f8009.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
b00be4dda45f8670b0e65d37cc7770fa791d869c7e567ea316d84d16283f8009
-
MedusaLocker payload
-
Executes dropped EXE
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-