General
-
Target
0dfcf4d5f66310de87c2e422d7804e66279fe3e3cd6a27723225aecf214e9b00.bin
-
Size
1.8MB
-
Sample
230420-jepefagd23
-
MD5
662b823d2472f494c5d539d0694cca77
-
SHA1
f8fc84030c579070b36c99c836ac4b5c32bbc2c4
-
SHA256
0dfcf4d5f66310de87c2e422d7804e66279fe3e3cd6a27723225aecf214e9b00
-
SHA512
302d09017cd6bda0b78dbbae8d4353c03088e3244f8bbed242b8937125fa27086cfdf653ad3dbab9738ee0aee8010f378047916e19e2d323d64b993cc62e441d
-
SSDEEP
49152:azqqZpvT9ZwA/kzgdtK26LD4z3iXA2f9TWSDGDN1Z:sHZpvpZfkYK26LUz3i10SoN1Z
Behavioral task
behavioral1
Sample
0dfcf4d5f66310de87c2e422d7804e66279fe3e3cd6a27723225aecf214e9b00.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
C:\Users\Admin\Desktop\HOW-TO-DECRYPT-kgkq9.txt
Targets
Score
10/10
-
Hades Ransomware
Ransomware family attributed to Evil Corp APT first seen in late 2020.
-
Hades payload
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Executes dropped EXE
-