Resubmissions
22-01-2024 09:39
240122-lmz71sdgd9 10General
-
Target
56b42abd1e3f461a123322a3c6cb51f0efba0992e7101ab45962f908fb52f235.exe
-
Size
95KB
-
Sample
240122-lmz71sdgd9
-
MD5
301f43abf8e0293a1f6c7f3018b3985b
-
SHA1
86bd09a7e1a60b2d40d9fdaf55832274d6b9b7f3
-
SHA256
c2f81beffc6d4363344d6cd111a621b7f3510b2f288e21de60abeb4ae53ed728
-
SHA512
74119473a06ea077526903e2fa7704067fead69cf779843c4c7baf38dc80cd65d33df281941192b7d54d51b9974240f0a720d4ef58770be431d02e16ea0442fc
-
SSDEEP
1536:Np6BOG0WlphZAc2NE+Ig5LEN0vrx++ZnZDemJi5TWXjc64yBqD40RgUGIeptpG+u:L5G0WzPADa2bzTeYAoo6GEQfGIeA
Static task
static1
Behavioral task
behavioral1
Sample
Device/HarddiskVolume3/Users/User1/Desktop/56b42abd1e3f461a123322a3c6cb51f0efba0992e7101ab45962f908f.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
Device/HarddiskVolume3/Users/User1/Desktop/56b42abd1e3f461a123322a3c6cb51f0efba0992e7101ab45962f908f.exe
Resource
win10v2004-20231222-en
Malware Config
Extracted
C:\Program Files (x86)\readme.txt
conti
Targets
Target
Device/HarddiskVolume3/Users/User1/Desktop/56b42abd1e3f461a123322a3c6cb51f0efba0992e7101ab45962f908fb52f235/C/ProgramData/Sentinel/AFUCache/56b42abd1e3f461a123322a3c6cb51f0efba0992e7101ab45962f908fb52f235.exe
-
Size
225KB
-
MD5
470b33af8631dd7b180bb4bc38450d21
-
SHA1
3f44c4bcc74ce04d1b89b8e944561db0168166be
-
SHA256
56b42abd1e3f461a123322a3c6cb51f0efba0992e7101ab45962f908fb52f235
-
SHA512
71b7a94e64f2c7466ff0bac15b2f8a6c2333231f1195a2e21368db20162656019fbc343ae360d2e3513688cb1256286b6533360e9a2b4415bd100762be3d3c35
-
SSDEEP
3072:n6syAG2L/wgMrxFSbY3Fq5dQWQC0F0+aLTZtjaPPZMtcdlrRMC/sPMn2wc:6iG2EgwFSc3U5dv0FOTDaPPZME9nBc
Score
10/10
-
Renames multiple (7936) files with added filename extension
This suggests ransomware activity: encrypting all the files on the system.
-
Drops startup file
-
Drops desktop.ini file(s)
-