Extracted

• • Target

    8ee0ba4bfa8af6c9db317e084eef0d91

  • Size

    215KB

  • MD5

    8ee0ba4bfa8af6c9db317e084eef0d91

  • SHA1

    9250a23d1011b9076816785da78b1ee46864e21e

  • SHA256

    605fb27a1912440c0f65fc554d30377fa4f789c07046ff920c4d8b6ce7992919

  • SHA512

    5959a2fb8803fb3e3f079f917bbfdf65a73b2d76c2f520542f207ab7cd0da4c10a28ed1ed09f792fdf7c804e53383a072f66ca2bd4af86c5326ee0caa23e8c0d

  • SSDEEP

    3072:zTF7B9rkmgFhO3lGX5eKpTZTVBr1+6fqdNdfu6BeixpMVjMWCg/Czw1t:FHrngLgGXwKpTZ9/wfuQe6pg1r

  Score

  10^/10

  contiransomware

  • Conti Ransomware

    Ransomware generally thought to be a successor to Ryuk.

    ransomwareconti

  • Renames multiple (7982) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

  • Drops desktop.ini file(s)

  behavioral1behavioral2