General
-
Target
ccv.bin
-
Size
224KB
-
Sample
221129-rrc6yabc5w
-
MD5
d9b46196ec37fbc6acc3bd81442311bf
-
SHA1
4ad109947b469ebe71f0f73c2acadcb4ba84be43
-
SHA256
7bbfff4ecb5beaf20c8204be267776270daefb6eb0197c76649182350772162c
-
SHA512
3cca8a67a301132b31ad79ffe225d678a9d1837b02a845813a1feb621d3bb5bbe64f9ec4d99345df314450c575858291e49db5f2de73dcf2064167f45d338659
-
SSDEEP
6144:+pSnrXZU82f3e0UbqwOR0ORGIQf5EtoKs:hrpUFfXUmwqQZ5EtoN
Malware Config
Targets
-
-
Target
ccv.bin
-
Size
224KB
-
MD5
d9b46196ec37fbc6acc3bd81442311bf
-
SHA1
4ad109947b469ebe71f0f73c2acadcb4ba84be43
-
SHA256
7bbfff4ecb5beaf20c8204be267776270daefb6eb0197c76649182350772162c
-
SHA512
3cca8a67a301132b31ad79ffe225d678a9d1837b02a845813a1feb621d3bb5bbe64f9ec4d99345df314450c575858291e49db5f2de73dcf2064167f45d338659
-
SSDEEP
6144:+pSnrXZU82f3e0UbqwOR0ORGIQf5EtoKs:hrpUFfXUmwqQZ5EtoN
Score10/10-
PLAY Ransomware, PlayCrypt
Ransomware family first seen in mid 2022.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-