General
Target: cryptor.bin
Size: 226KB
Sample: 221129-wxthbsdc53
MD5: 3eff7826b6eea73b0206f11d08073a68
SHA1: 578b1b0f46491b9d39d21f2103cb437bc2d71cac
SHA256: 7f6421cdf6355edfdcbddadd26bcdfbf984def301df3c6c03d71af8e30bb781f
SHA512: 65475eae1ae0e654dd691e63aeddf1c52d531fec7efb1d87edcdcff041a509a84ef7f5a2d0ee896c7150ece9f74330db717bb31eb8728f5bf64c93a04d1bbc3f
SSDEEP: 3072:+YiGnOXzCukJfvJxr2uvUYGQ2kzwlql7PBECBwvPW2GZF5A4s+bWo:JnOjPMjNzzwkBiCuGPWo

Static task: static1

Behavioral task: behavioral1
Sample: cryptor.exe
Resource: win7-20220901-en

Behavioral task: behavioral2
Sample: cryptor.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: cryptor.bin
Score: 8/10

Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.

Drops startup file

Drops desktop.ini file(s)