366aebbcba2bd34bcf3bb4798646755c5472fa979833451f0f93d2c1b8318b27

General

Target

366aebbcba2bd34bcf3bb4798646755c5472fa979833451f0f93d2c1b8318b27
Size

536KB
Sample

230626-3cjkysdb91
MD5

a68652509def7523e65fe7b9d1914a55
SHA1

06884d628762d81debbd9580f066e552a73cea2e
SHA256

366aebbcba2bd34bcf3bb4798646755c5472fa979833451f0f93d2c1b8318b27
SHA512

ea17ab3fbc03cbd05ce7b79dac1c778cecb2813fe74c6fcd1cff5def472de0566a0879ede87180a61bfa76e333d2b085bdd1461785c308981d81ba0444bbdc61
SSDEEP

12288:vjqhIyZCxZWYgeWYg955/155/HBwn2Epth+n7onpO:UZo2c2Yh+n7CpO

Score

10^/10

ransomware

Malware Config

Extracted

Path

C:\Users\Admin\Desktop\ReadMe.txt

Ransom Note

!!!!!!!!!! ATTENTION !!!!!!!!!! -----All your files, documents, photos and other important files are encrypted by CryOrdo Ransomware!----- Don't worry, you can return all your files. The only methos of recobering files is to purchase decrypt tool and unique key for you. This software will decrypt all your encrypted files. To get this software you need to write on our e-mail. Address: [email protected]�

Emails

[email protected]�

Targets

- Target
  
  366aebbcba2bd34bcf3bb4798646755c5472fa979833451f0f93d2c1b8318b27
- Size
  
  536KB
- MD5
  
  a68652509def7523e65fe7b9d1914a55
- SHA1
  
  06884d628762d81debbd9580f066e552a73cea2e
- SHA256
  
  366aebbcba2bd34bcf3bb4798646755c5472fa979833451f0f93d2c1b8318b27
- SHA512
  
  ea17ab3fbc03cbd05ce7b79dac1c778cecb2813fe74c6fcd1cff5def472de0566a0879ede87180a61bfa76e333d2b085bdd1461785c308981d81ba0444bbdc61
- SSDEEP
  
  12288:vjqhIyZCxZWYgeWYg955/155/HBwn2Epth+n7onpO:UZo2c2Yh+n7CpO
Score

10^/10

ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Modifies extensions of user files

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2