General
-
Target
xxx.exe.bin
-
Size
501KB
-
Sample
230512-pdv4gsfc6s
-
MD5
1f50fa0d0f6c295a5db3568e9f0684c2
-
SHA1
6219bd0d064c0fffa91166c498d937cf066ec05e
-
SHA256
9c7e55441fa5a460320dce5005358d820aec2386982fb3d77d52ce89b3d59744
-
SHA512
ceb5ca6b0e77ee6ce205b82cf44a5e1976b3e29b97af00933846422781e90e0be7d55f0eb77f19011707b48c64085ea3eb45abc45dacf1062ae426e3bfda59c9
-
SSDEEP
6144:NouXuOPQveEDZQdgepQD0QYa5N2uAAHIbzAW1+SM/V+z8HD7SN:iiAmE2VQpfwbzd9P8j7SN
Static task
static1
Behavioral task
behavioral1
Sample
xxx.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
xxx.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Target
xxx.exe.bin
-
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-