General
Target: 208c45f500c299bc4ebd80d1e230cc41
Size: 402KB
Sample: 231225-qc14sahfd2
MD5: 208c45f500c299bc4ebd80d1e230cc41
SHA1: 1c0b42efd324cab1625423b5634ee4b67ad62ac5
SHA256: 97820cf8de59555d2d333ac724c6a72c610b8c537f35139ebb1a5a362e68f789
SHA512: d34d6ffcb4751f0a5391fd08cd6c78ceb6bdcc9c4346b28cd8c0e00a1ab810e1990dd752b70852aaed73738c888e6d0d73485c1e58582e8d0aedc106551e2637
SSDEEP: 12288:L5rxhWsTDzB6BybYxl+xX4VpMDEvqXHRAS0uayw4HUsNI4j:L5rxhW6PB6BybYxlWX/DEv4eNw
Static task: static1
Behavioral task: behavioral1
Sample: 208c45f500c299bc4ebd80d1e230cc41.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 208c45f500c299bc4ebd80d1e230cc41.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted
F:\$RECYCLE.BIN\S-1-5-21-1603059206-2004189698-4139800220-1000\GET_YOUR_FILES_BACK.txt
avoslocker
http://avos2fuj6olp6x36.onion
http://avos53nnmi4u6amh.onion/
Targets
Target: 208c45f500c299bc4ebd80d1e230cc41
Score: 10/10
Avoslocker Ransomware
Avoslocker is a relatively new ransomware that was observed in late June and early July 2021.
Renames multiple (96) files with added filename extension
This suggests ransomware activity, namely encrypting all the files on the system.