General
-
Target
05bbf1c653825b757ee73b59df45410070a28841819362462162d9547adb3d5a.exe
-
Size
36KB
-
Sample
221116-f9z8msdb9z
-
MD5
ce3b141aa84f121127b37adecc908db8
-
SHA1
c761ca6f202558b752efa76058264f01065d8171
-
SHA256
05bbf1c653825b757ee73b59df45410070a28841819362462162d9547adb3d5a
-
SHA512
fe088ffc5e7962081fce6d28ac49b3b4821b71532f8b98550b942b13f10da96899f6a3e9dd7d84156842c85310da17564fdb983436e2549239d55db0c01f0aef
-
SSDEEP
768:V1KYiUlrhAJAfv123WP5HBVz6C0R64rmEq25FANwepk4E:V1vikrhAJAHsmBhp6/R6emEqeFANweSP
Malware Config
Targets
-
-
Target
05bbf1c653825b757ee73b59df45410070a28841819362462162d9547adb3d5a.exe
-
Size
36KB
-
MD5
ce3b141aa84f121127b37adecc908db8
-
SHA1
c761ca6f202558b752efa76058264f01065d8171
-
SHA256
05bbf1c653825b757ee73b59df45410070a28841819362462162d9547adb3d5a
-
SHA512
fe088ffc5e7962081fce6d28ac49b3b4821b71532f8b98550b942b13f10da96899f6a3e9dd7d84156842c85310da17564fdb983436e2549239d55db0c01f0aef
-
SSDEEP
768:V1KYiUlrhAJAfv123WP5HBVz6C0R64rmEq25FANwepk4E:V1vikrhAJAHsmBhp6/R6emEqeFANweSP
Score10/10-
Conti Ransomware
Ransomware generally thought to be a successor to Ryuk.
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-