Extracted

Extracted

• • Target

    2d8ebde851e42622e0b6e60ec831e03a.exe

  • Size

    1006KB

  • MD5

    2d8ebde851e42622e0b6e60ec831e03a

  • SHA1

    e77962926002b4603017901c097a54e8f83b6da9

  • SHA256

    2efb62748a9a6b808dcc9c6303ff8c4567a2ee20a56022f8ecbe3b6739fb0a40

  • SHA512

    39392647c1f82bf417986961a4b62a7843977f9aa641fcb10a4e4a943ab5b617d6c20bad4c14664a951528979fe8ea6f7b58b932d9d45c5b883dea6a65b05a86

  • SSDEEP

    12288:hSCbvRebC9TrasaYadqjRaQaofKkzaxa3+:oev/f3h7+QWr

  Score

  10^/10

  netwalkerransomwarespywarestealer

  • Netwalker Ransomware

    Ransomware family with multiple versions. Also known as MailTo.

    ransomwarenetwalker

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomware

  • Renames multiple (7450) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

  • Deletes itself

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  behavioral1behavioral2