General
-
Target
f64a2924fa0f6690dae0982fe69c327d5063c77a5b4bcd3a4fc58ffb1a2fe72e
-
Size
3.9MB
-
Sample
221207-m6c29sag49
-
MD5
20eee122c6a5cf8537f5488d8bb3b37e
-
SHA1
0e0bf8188e7e143a15fcf95771b98502804198cb
-
SHA256
f64a2924fa0f6690dae0982fe69c327d5063c77a5b4bcd3a4fc58ffb1a2fe72e
-
SHA512
5ac78f1460f171eaf445261cc48b8f60546b90f7e69d3c4b4606013e57168124944ce74c3e866d1a98550063f5e6ddf1e2a7de130e5f62ab4d44b71ae05e816d
-
SSDEEP
49152:hnY727fnDFEnDjY/4hONVn0yrTja9UC6qOLu0D+02UlcCxB6q93Fy01Lb4aKrSPb:5Y76D4YjprGmu0DcCLnpw2
Malware Config
Targets
-
-
Target
f64a2924fa0f6690dae0982fe69c327d5063c77a5b4bcd3a4fc58ffb1a2fe72e
-
Size
3.9MB
-
MD5
20eee122c6a5cf8537f5488d8bb3b37e
-
SHA1
0e0bf8188e7e143a15fcf95771b98502804198cb
-
SHA256
f64a2924fa0f6690dae0982fe69c327d5063c77a5b4bcd3a4fc58ffb1a2fe72e
-
SHA512
5ac78f1460f171eaf445261cc48b8f60546b90f7e69d3c4b4606013e57168124944ce74c3e866d1a98550063f5e6ddf1e2a7de130e5f62ab4d44b71ae05e816d
-
SSDEEP
49152:hnY727fnDFEnDjY/4hONVn0yrTja9UC6qOLu0D+02UlcCxB6q93Fy01Lb4aKrSPb:5Y76D4YjprGmu0DcCLnpw2
Score9/10-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-