Overview

overview

10

Static

static

1

Tauryu1Exe.bin.exe

windows7-x64

10

Tauryu1Exe.bin.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Tauryu1Exe.bin.exe

  • Size

    101KB

  • Sample

    230321-fmzzcsgh32

  • MD5

    b7b5e1253710d8927cbe07d52d2d2e10

  • SHA1

    596f1fdb5a3de40cccfe1d8183692928b94b8afb

  • SHA256

    eae876886f19ba384f55778634a35a1d975414e83f22f6111e3e792f706301fe

  • SHA512

    e56398bc1d27288504004486eb1b843f8c5462c5af3e4f076d5083890424a33149c402cb4da23b34d624746bbc0d15e1798427793d93ff93972ed081493d9b37

  • SSDEEP

    1536:YzkzMy2546PtngS719+T0gdGpwW2XtaJp7fd8OUfB4VH9qNwpWblz:RX2C29+4g8wW2XtO7l8OUGx9qNwp6

Score
10/10
contiransomware

Malware Config

Targets

    • Target

      Tauryu1Exe.bin.exe

    • Size

      101KB

    • MD5

      b7b5e1253710d8927cbe07d52d2d2e10

    • SHA1

      596f1fdb5a3de40cccfe1d8183692928b94b8afb

    • SHA256

      eae876886f19ba384f55778634a35a1d975414e83f22f6111e3e792f706301fe

    • SHA512

      e56398bc1d27288504004486eb1b843f8c5462c5af3e4f076d5083890424a33149c402cb4da23b34d624746bbc0d15e1798427793d93ff93972ed081493d9b37

    • SSDEEP

      1536:YzkzMy2546PtngS719+T0gdGpwW2XtaJp7fd8OUfB4VH9qNwpWblz:RX2C29+4g8wW2XtO7l8OUGx9qNwp6

    Score
    10/10
    contiransomware

    • Conti Ransomware

      Ransomware generally thought to be a successor to Ryuk.

      ransomwareconti

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

      ransomware

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks