General
-
Target
970d50813e2d3da1298b718a79bb18989b971a7160881b8a4959cc4ca33aefd5
-
Size
229KB
-
Sample
221128-d8hk4agb9w
-
MD5
aabe2844ee61e1f2969d7a96e1355a99
-
SHA1
7c605f6a3e8fa991ffc12d32f08b525439e0d070
-
SHA256
970d50813e2d3da1298b718a79bb18989b971a7160881b8a4959cc4ca33aefd5
-
SHA512
0b2e814e0d718d520bcec376e99693eabc8edbe2c140ff8c3d2c670a9b298f2da38b95a0c4b19b6606e9f1601f2704ae1a2d730983b9341fb9f1b6620a58d077
-
SSDEEP
6144:c8dNXSEq5GVIr+LXn58Gwfub4XMBFP2eVjhW/jiG:HqsXqRub4gFOMO+G
Malware Config
Targets
-
-
Target
970d50813e2d3da1298b718a79bb18989b971a7160881b8a4959cc4ca33aefd5
-
Size
229KB
-
MD5
aabe2844ee61e1f2969d7a96e1355a99
-
SHA1
7c605f6a3e8fa991ffc12d32f08b525439e0d070
-
SHA256
970d50813e2d3da1298b718a79bb18989b971a7160881b8a4959cc4ca33aefd5
-
SHA512
0b2e814e0d718d520bcec376e99693eabc8edbe2c140ff8c3d2c670a9b298f2da38b95a0c4b19b6606e9f1601f2704ae1a2d730983b9341fb9f1b6620a58d077
-
SSDEEP
6144:c8dNXSEq5GVIr+LXn58Gwfub4XMBFP2eVjhW/jiG:HqsXqRub4gFOMO+G
Score9/10-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Suspicious use of SetThreadContext
-