conti | eae876886f19ba384f55778634a35a1d975414e83f22f6111e3e792f706301fe | Triage

Submit
Reports

Overview

overview

Static

static

1

Tauryu1Exe.bin.exe

windows7-x64

Tauryu1Exe.bin.exe

windows10-2004-x64

Sharing

General

Target

Tauryu1Exe.bin.exe
Size

101KB
Sample

230321-fmzzcsgh32
MD5

b7b5e1253710d8927cbe07d52d2d2e10
SHA1

596f1fdb5a3de40cccfe1d8183692928b94b8afb
SHA256

eae876886f19ba384f55778634a35a1d975414e83f22f6111e3e792f706301fe
SHA512

e56398bc1d27288504004486eb1b843f8c5462c5af3e4f076d5083890424a33149c402cb4da23b34d624746bbc0d15e1798427793d93ff93972ed081493d9b37
SSDEEP

1536:YzkzMy2546PtngS719+T0gdGpwW2XtaJp7fd8OUfB4VH9qNwpWblz:RX2C29+4g8wW2XtO7l8OUGx9qNwp6

Score

10^/10

conti ransomware

Static task

static1

Behavioral task

behavioral1

Sample

Tauryu1Exe.bin.exe

Resource

win7-20230220-en

conti ransomware

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

Tauryu1Exe.bin.exe

Resource

win10v2004-20230220-en

conti ransomware

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  Tauryu1Exe.bin.exe
- Size
  
  101KB
- MD5
  
  b7b5e1253710d8927cbe07d52d2d2e10
- SHA1
  
  596f1fdb5a3de40cccfe1d8183692928b94b8afb
- SHA256
  
  eae876886f19ba384f55778634a35a1d975414e83f22f6111e3e792f706301fe
- SHA512
  
  e56398bc1d27288504004486eb1b843f8c5462c5af3e4f076d5083890424a33149c402cb4da23b34d624746bbc0d15e1798427793d93ff93972ed081493d9b37
- SSDEEP
  
  1536:YzkzMy2546PtngS719+T0gdGpwW2XtaJp7fd8OUfB4VH9qNwpWblz:RX2C29+4g8wW2XtO7l8OUGx9qNwp6
Score

10^/10

conti ransomware
- Conti Ransomware
  Ransomware generally thought to be a successor to Ryuk.
  ransomware conti
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

contiransomware

behavioral2

contiransomware

© 2018-2024

Terms | Privacy