General
-
Target
13e164380585fe44ac56ed10bd1ed5e42873a85040aee8c40d7596fc05f28920
-
Size
167KB
-
Sample
230416-zd2ldadf8w
-
MD5
612974dcb49adef982d9ad8d9cbdde36
-
SHA1
b817e361bd0cc1819d7f6a1189f0f5d56ed48721
-
SHA256
13e164380585fe44ac56ed10bd1ed5e42873a85040aee8c40d7596fc05f28920
-
SHA512
84d5acbb8f258683bb6735539e368c2823218d2a6cf07222a50e1e026e3a0aca092941110e87b1d38a601c6a1e3d54604c2f4241c3ec265ed0bf25140a14c2fc
-
SSDEEP
3072:Vzm96ax+qLT5+IqRRztaWEmJLhSpTGqbay/0TwEz:VS96axL5kxHP0hmy/4z
Malware Config
Targets
-
-
Target
13e164380585fe44ac56ed10bd1ed5e42873a85040aee8c40d7596fc05f28920
-
Size
167KB
-
MD5
612974dcb49adef982d9ad8d9cbdde36
-
SHA1
b817e361bd0cc1819d7f6a1189f0f5d56ed48721
-
SHA256
13e164380585fe44ac56ed10bd1ed5e42873a85040aee8c40d7596fc05f28920
-
SHA512
84d5acbb8f258683bb6735539e368c2823218d2a6cf07222a50e1e026e3a0aca092941110e87b1d38a601c6a1e3d54604c2f4241c3ec265ed0bf25140a14c2fc
-
SSDEEP
3072:Vzm96ax+qLT5+IqRRztaWEmJLhSpTGqbay/0TwEz:VS96axL5kxHP0hmy/4z
Score10/10-
GlobeImposter
GlobeImposter is a ransomware first seen in 2017.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-