General
-
Target
cf941154cc06005a15ff3ca2f601e13b537794254d338f63eadd260855115902.exe
-
Size
268KB
-
Sample
231011-satyssgc75
-
MD5
cfea8286f13e566324aca989bbf1ecdd
-
SHA1
0a295ca16213502d5a6629553cf2b168b2a4dfc7
-
SHA256
cf941154cc06005a15ff3ca2f601e13b537794254d338f63eadd260855115902
-
SHA512
674cf146d76a5ecfa18da92c987eea09c8f055d6a2474311c825e6a5877ca4f8eb72413dba393c8e314016665d85534842103bece430c417b1c004aa2aadcd70
-
SSDEEP
3072:pLJGBP1t82ETTwPAobQ3tOqmb14Gul22QZkN7S44EXZNxRx6kFYDRzuU:VJEPCTwPp03YqyNulakL96fDRH
Static task
static1
Behavioral task
behavioral1
Sample
cf941154cc06005a15ff3ca2f601e13b537794254d338f63eadd260855115902.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
cf941154cc06005a15ff3ca2f601e13b537794254d338f63eadd260855115902.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
C:\Program Files (x86)\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.xyz/
Targets
Target
cf941154cc06005a15ff3ca2f601e13b537794254d338f63eadd260855115902.exe
Score
10/10
-
Renames multiple (1765) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Renames multiple (2809) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops desktop.ini file(s)
-