General

  • Target

    2024-02-19_e57bbb2ab183586ff33d8eeefad512d4_ponmocup_ryuk

  • Size

    11.9MB

  • Sample

    240219-bswfxagg49

  • MD5

    e57bbb2ab183586ff33d8eeefad512d4

  • SHA1

    2f6161e0a440592e626886dc6844468cb0c533bb

  • SHA256

    a97eab720061c4131c3fa1b850968895ec210fb24f4d9192b9700a6aad3bbcb0

  • SHA512

    3004e3d18aa312c8272258662fd829ee7d70c600d1ae585f6a63fd4b4ccbac06859869b1fcff532b063a73cade5df2dd09c2beff19e59654cd8d9f07096490a2

  • SSDEEP

    196608:ewpf4Dz52nt/tv1MfHrODpFC4g0AVIGve8ZJ9BIBxIFO48RmU/3ZlsPvmucM8C1Y:vl4Dgt/xcKLgtIGJYXIotN3ZWLb2

Malware Config

Extracted

Path

C:\Users\Admin\Desktop\README.txt

Family

demonware

Ransom Note

Tango Down! Seems like you got hit by DemonWare ransomware! Don't Panic, you get have your files back! DemonWare uses a basic encryption script to lock your files. This type of ransomware is known as CRYPTO. You'll need a decryption key in order to unlock your files. Your files will be deleted when the timer runs out, so you better hurry. You have 10 hours to find your key C'mon, be glad I don't ask for payment like other ransomware. Please visit: https://keys.zeznzo.nl and search for your IP/hostname to get your key. Kind regards, Zeznzo

URLs

https://keys.zeznzo.nl

Targets

    • Target

      2024-02-19_e57bbb2ab183586ff33d8eeefad512d4_ponmocup_ryuk

    Score
    10/10
