General
-
Target
7729790829576dc0bc7128f851ca966891e6d9873fd6ba56056bdbd9b125540b
-
Size
281KB
-
Sample
221128-d8et7sgb8z
-
MD5
b2627a0ad82f29313a00802c232ccb41
-
SHA1
7548acd6092f3ec1381fc703747abd8f076fecb5
-
SHA256
7729790829576dc0bc7128f851ca966891e6d9873fd6ba56056bdbd9b125540b
-
SHA512
9567189314d56bde274f3c1d8f99355c8a8679f38acbc95caa1f224297b37647b92766d5e8d99ce894e6a52f8695995bd39249a0a65ed625d6c0d386d9532302
-
SSDEEP
6144:c8dNXSEqDwPJ2fBGE4IEEvx8mKKCDf7/MIldjexUU8ry5dfU4mj:HqDwosE4bQxCKMfwIyxUU8m5dM1
Malware Config
Targets
-
-
Target
7729790829576dc0bc7128f851ca966891e6d9873fd6ba56056bdbd9b125540b
-
Size
281KB
-
MD5
b2627a0ad82f29313a00802c232ccb41
-
SHA1
7548acd6092f3ec1381fc703747abd8f076fecb5
-
SHA256
7729790829576dc0bc7128f851ca966891e6d9873fd6ba56056bdbd9b125540b
-
SHA512
9567189314d56bde274f3c1d8f99355c8a8679f38acbc95caa1f224297b37647b92766d5e8d99ce894e6a52f8695995bd39249a0a65ed625d6c0d386d9532302
-
SSDEEP
6144:c8dNXSEqDwPJ2fBGE4IEEvx8mKKCDf7/MIldjexUU8ry5dfU4mj:HqDwosE4bQxCKMfwIyxUU8m5dM1
Score9/10-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Suspicious use of SetThreadContext
-