Extracted

Extracted

• • Target

    b07ff2183904731e4905b1bc1e23d24e

  • Size

    31KB

  • MD5

    b07ff2183904731e4905b1bc1e23d24e

  • SHA1

    3fe14bbf67d25bfa3b9d06f5f1fc7812aa28a687

  • SHA256

    3a03530c732ebe53cdd7c17bee0988896d36c2b632dbd6118613697c2af82117

  • SHA512

    e7774b76759952979bac48a5f1a24808d957181d5720393f16cfb6af054253a47fd63c9f068203eb2433ff768979c59043f9f4a52cf734f375583ddaba478c4d

  • SSDEEP

    768:TOdT6nmM1SJbpRP4EBg6AXTOJvFQ9z8CYI3j3i4O7D:Cdmnvgd4EeszQxXYIm

  Score

  10^/10

  blackmatterransomware

  • BlackMatter Ransomware

    BlackMatter ransomware group claims to be Darkside and REvil succesor.

    ransomwareblackmatter

  • Renames multiple (152) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

  • Sets desktop wallpaper using registry

    ransomware

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  behavioral1behavioral2