General
-
Target
93cbe4ed3d46abe732a124a41e7147a2
-
Size
446KB
-
Sample
231222-p7n72acebm
-
MD5
93cbe4ed3d46abe732a124a41e7147a2
-
SHA1
94a24be60d90479ce27f7787a86678472aabdc6e
-
SHA256
89e71eb0a6403725d2f95cb9e6506b8b139a6948a61dc1c5cfedf18648241ec4
-
SHA512
8f46af90d8a2d78da003a8a395fd7f74cc235595238ee3a3e4d87fee2aa4c8abf6ece403bb3726122d3825437f5d079ea1f8d6b275153bb76b3b0d75c243ef09
-
SSDEEP
6144:XOOxeLzWoeNqagVRUvOWcTwlOcTeP8uENXIEQSdO8c/AVxYflxiW:txeHWoA/Wr0lfQ8BfLkIVxYfrd
Malware Config
Targets
-
-
Target
93cbe4ed3d46abe732a124a41e7147a2
-
Size
446KB
-
MD5
93cbe4ed3d46abe732a124a41e7147a2
-
SHA1
94a24be60d90479ce27f7787a86678472aabdc6e
-
SHA256
89e71eb0a6403725d2f95cb9e6506b8b139a6948a61dc1c5cfedf18648241ec4
-
SHA512
8f46af90d8a2d78da003a8a395fd7f74cc235595238ee3a3e4d87fee2aa4c8abf6ece403bb3726122d3825437f5d079ea1f8d6b275153bb76b3b0d75c243ef09
-
SSDEEP
6144:XOOxeLzWoeNqagVRUvOWcTwlOcTeP8uENXIEQSdO8c/AVxYflxiW:txeHWoA/Wr0lfQ8BfLkIVxYfrd
Score9/10-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Suspicious use of SetThreadContext
-