General
-
Target
630f0ff24aeeae0c8f04383f3e193ac541ff07d371c584d1d8b2aa1f1d6492edsample.exe
-
Size
225KB
-
Sample
240105-n26pfsbbeq
-
MD5
3a087bb7ce04eef64a82958ee3507548
-
SHA1
ee0a57ac86e2d6e87e8a29109c984a44aab53296
-
SHA256
630f0ff24aeeae0c8f04383f3e193ac541ff07d371c584d1d8b2aa1f1d6492ed
-
SHA512
4b314dd8b1992994b8194b6e729055feafb64f873b53289537a3d81f8a54929f5fc9a32bc134ffa3c44a71d7a7ded2f99af77459e3e186d7ccfadbba1747904e
-
SSDEEP
3072:n6syAG2L/wgMrxFSbY3Fq5dQWQC0F0+aLTZtjaPPZMtcdlrRMC/p2wc:6iG2EgwFSc3U5dv0FOTDaPPZME9Bc
Static task
static1
Behavioral task
behavioral1
Sample
630f0ff24aeeae0c8f04383f3e193ac541ff07d371c584d1d8b2aa1f1d6492edsample.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
630f0ff24aeeae0c8f04383f3e193ac541ff07d371c584d1d8b2aa1f1d6492edsample.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
C:\Program Files (x86)\readme.txt
conti
Targets
-
-
Target
630f0ff24aeeae0c8f04383f3e193ac541ff07d371c584d1d8b2aa1f1d6492edsample.exe
-
Size
225KB
-
MD5
3a087bb7ce04eef64a82958ee3507548
-
SHA1
ee0a57ac86e2d6e87e8a29109c984a44aab53296
-
SHA256
630f0ff24aeeae0c8f04383f3e193ac541ff07d371c584d1d8b2aa1f1d6492ed
-
SHA512
4b314dd8b1992994b8194b6e729055feafb64f873b53289537a3d81f8a54929f5fc9a32bc134ffa3c44a71d7a7ded2f99af77459e3e186d7ccfadbba1747904e
-
SSDEEP
3072:n6syAG2L/wgMrxFSbY3Fq5dQWQC0F0+aLTZtjaPPZMtcdlrRMC/p2wc:6iG2EgwFSc3U5dv0FOTDaPPZME9Bc
Score10/10-
Renames multiple (7933) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops desktop.ini file(s)
-