General
-
Target
c1ff7936d3eb96ab174c4411bfb95ae7ba287e0a9abb8cd26002610b62318de4
-
Size
1.4MB
-
Sample
221125-z1mqqsab81
-
MD5
8901e13e8e01a6f9223c78a903d8fb46
-
SHA1
a015f096d431e42e0df67b21c4eabe4ebf2f476a
-
SHA256
c1ff7936d3eb96ab174c4411bfb95ae7ba287e0a9abb8cd26002610b62318de4
-
SHA512
f7ae948f33fb2270c5ea5bd150c039592edb8d1511dce1077739f17b4f91c6b43c9075a71f15248f7f94f0c159be3e5dcd189c93b7bcbc99847a8185f374ff08
-
SSDEEP
24576:q9WQitvyUilzOUxaOWk01G4fbu/F41jen6KXYzkEEknJS7DFN4L3GmPA705sCvsF:q9WDAUozOUxaOyGau6I6WPDvlAAoefk1
Behavioral task
behavioral1
Sample
c1ff7936d3eb96ab174c4411bfb95ae7ba287e0a9abb8cd26002610b62318de4.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c1ff7936d3eb96ab174c4411bfb95ae7ba287e0a9abb8cd26002610b62318de4.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
c1ff7936d3eb96ab174c4411bfb95ae7ba287e0a9abb8cd26002610b62318de4
-
Size
1.4MB
-
MD5
8901e13e8e01a6f9223c78a903d8fb46
-
SHA1
a015f096d431e42e0df67b21c4eabe4ebf2f476a
-
SHA256
c1ff7936d3eb96ab174c4411bfb95ae7ba287e0a9abb8cd26002610b62318de4
-
SHA512
f7ae948f33fb2270c5ea5bd150c039592edb8d1511dce1077739f17b4f91c6b43c9075a71f15248f7f94f0c159be3e5dcd189c93b7bcbc99847a8185f374ff08
-
SSDEEP
24576:q9WQitvyUilzOUxaOWk01G4fbu/F41jen6KXYzkEEknJS7DFN4L3GmPA705sCvsF:q9WDAUozOUxaOyGau6I6WPDvlAAoefk1
Score10/10-
Detected Xorist Ransomware
-
Modifies firewall policy service
-
Drops file in Drivers directory
-
Drops startup file
-
Adds Run key to start application
-
Drops file in System32 directory
-