General
-
Target
ad618b5ab55b3985df1e64321f8c047715e38c3765b2bc7a3de529dcc807c8f4
-
Size
264KB
-
Sample
221128-df8ltaac26
-
MD5
7cb7c2f88d3658be701274af95facfb2
-
SHA1
e24e31469c64d264e826c4c87a0641f814395659
-
SHA256
ad618b5ab55b3985df1e64321f8c047715e38c3765b2bc7a3de529dcc807c8f4
-
SHA512
37927ecad60e0d210edf5c21c6a096eca5d4bc114bf55444c900d9c8c1e0dbfb9cba256d559220eb0b9929d15c3ae3cec8a5f5ec4631fb117689e3ab298c2e3d
-
SSDEEP
6144:Y2MF5/U5fNRwhoTFHvvlv6VY1zVsg1X4N24B4:0ZCfNRw+TFPdv6VABLUn4
Malware Config
Targets
-
-
Target
ad618b5ab55b3985df1e64321f8c047715e38c3765b2bc7a3de529dcc807c8f4
-
Size
264KB
-
MD5
7cb7c2f88d3658be701274af95facfb2
-
SHA1
e24e31469c64d264e826c4c87a0641f814395659
-
SHA256
ad618b5ab55b3985df1e64321f8c047715e38c3765b2bc7a3de529dcc807c8f4
-
SHA512
37927ecad60e0d210edf5c21c6a096eca5d4bc114bf55444c900d9c8c1e0dbfb9cba256d559220eb0b9929d15c3ae3cec8a5f5ec4631fb117689e3ab298c2e3d
-
SSDEEP
6144:Y2MF5/U5fNRwhoTFHvvlv6VY1zVsg1X4N24B4:0ZCfNRw+TFPdv6VABLUn4
Score9/10-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Sets desktop wallpaper using registry
-