General
Target: trig_802620972e8de517babe45.exe
Size: 654KB
Sample: 221129-s528nafe4s
MD5: 1d999ba847346e80594759ff8c32da49
SHA1: 7abf3923d540addcc82a2cc0794c815dd6385cd1
SHA256: 802620972e8de517babe450dae22cf740ef135b13a95f23c4a6dd477ba772403
SHA512: 8ace2a4b4a096f60a9cc530ac42eff33e887c27b88ba327477567cb2db7ae34036b62b8b1b2770e5e0454483fddf6cfb28449118689f899ca800416f780b78de
SSDEEP: 12288:OgBxsW2FnEfXMIw1CIl/k9AzIr0ic+ZF5XOZkaSU9EP8ZT:Oq2FnnxkIDzgcKF5aSGT
Static task: static1
Behavioral task: behavioral1
Sample: trig_802620972e8de517babe45.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: trig_802620972e8de517babe45.exe
Resource: win10v2004-20220901-en
Malware Config
Targets
Target: trig_802620972e8de517babe45.exe
Score: 8/10
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Drops startup file
Adds Run key to start application
Drops desktop.ini file(s)