General
-
Target
9176079184.zip
-
Size
384KB
-
Sample
230215-rgs5eabh4s
-
MD5
0f4c311674c9ea6c9bdaf96ba9b80866
-
SHA1
39a9e2259b8678047900f356f2a943870debc462
-
SHA256
7b5f033e3049256e7c9889de074aa2ecc4b9ef878eb6966170152e0f6b6a8055
-
SHA512
b97ce1c23dce5936049b1e5c33a37d312570a59682f62fdf3fa8ac270a14a2c2a83ca8201b3d3a627297971d667666442fe54c32d3ce0b76bc41770df0b2c82c
-
SSDEEP
6144:IxuQt4nMPMDX4Ni+ysLIN99RQivHBZ8VJJnsAS+uYoJhdF/HFo9ctogn:QuzMPQXNLRHLABr/oJhdNHF8gn
Static task
static1
Behavioral task
behavioral1
Sample
0595876dcfb02cbe4d85d3f9cb374b24473e5b338df781e18bd059ea48d60119.dll
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
0595876dcfb02cbe4d85d3f9cb374b24473e5b338df781e18bd059ea48d60119.dll
Resource
win10v2004-20221111-en
Malware Config
Extracted
C:\instructions_read_me.txt
https://bastad5huzwkepdixedg2gekg7jk22ato24zyllp6lnjx7wdtyctgvyd.onion/
Targets
-
Target
0595876dcfb02cbe4d85d3f9cb374b24473e5b338df781e18bd059ea48d60119
-
Size
827KB
-
MD5
9af1db273268198c2c9e2eac3dbe9ae3
-
SHA1
a0fcf49afe94e173f8b341811800c317a487f489
-
SHA256
0595876dcfb02cbe4d85d3f9cb374b24473e5b338df781e18bd059ea48d60119
-
SHA512
658eb72ed8d27376cd9d323e551bf69d9b1186b23312d269a2627844deb61313aac3acc36a94e7d3da2e71c787f884aba04752adfe833cc38d6e6647ed791a25
-
SSDEEP
24576:8Udit0a6YWgnd8p0GGSyhFdAjb8oeXrLs:jfYWgnd/SyhFdggokrLs
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-