General
-
Target
malware-collection-master.zip
-
Size
72.8MB
-
Sample
240303-qcpqraah7t
-
MD5
4293bf4f1ed1b58f02d6a07f48518b63
-
SHA1
fecc4aee891aa8054381902d403c69565afb1a33
-
SHA256
6436568a104a8811d5180569f34b16f5ab9903f49a4027ccc82d7ef43e66c315
-
SHA512
82fa7de55cc52280a644ca93c81bee8c869fde877005772dfd032d2c9b54a1de44df0400ff8ed0ac1195b197e7539af8c1ac0c7e22bf344977267291991f3e80
-
SSDEEP
1572864:H7p+6cE+7rmcLMaB/S+iRQ4afg/D98QuT9k+YTTp:VqE+7r/MIr7Y/D2QuTXYTTp
Behavioral task
behavioral1
Sample
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/My Project/Resources.vbs
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/My Project/Resources.vbs
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/bin/Debug/ShellLocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral4
Sample
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/bin/Debug/ShellLocker.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/bin/Debug/ShellLocker.vshost.exe
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/bin/Debug/ShellLocker.vshost.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral7
Sample
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/bin/Release/chatwithus.exe
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/bin/Release/chatwithus.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/obj/Debug/ShellLocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/obj/Debug/ShellLocker.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/obj/Debug/Te.dll
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/obj/Debug/Te.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral13
Sample
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/obj/Release/.dll
Resource
win7-20240215-en
Behavioral task
behavioral14
Sample
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/obj/Release/.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral15
Sample
malware-collection-master/Ransomware/eda2/eda2/eda2/Form1.js
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
malware-collection-master/Ransomware/eda2/eda2/eda2/Form1.js
Resource
win10v2004-20240226-en
Behavioral task
behavioral17
Sample
malware-collection-master/Ransomware/eda2/eda2/eda2/Form1.vbs
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
malware-collection-master/Ransomware/eda2/eda2/eda2/Form1.vbs
Resource
win10v2004-20240226-en
Behavioral task
behavioral19
Sample
malware-collection-master/Ransomware/eda2/eda2/eda2/Properties/Resources.Designer.vbs
Resource
win7-20240220-en
Behavioral task
behavioral20
Sample
malware-collection-master/Ransomware/eda2/eda2/eda2/Properties/Resources.Designer.vbs
Resource
win10v2004-20240226-en
Behavioral task
behavioral21
Sample
malware-collection-master/Ransomware/eda2/eda2/eda2/Properties/Resources.vbs
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
malware-collection-master/Ransomware/eda2/eda2/eda2/Properties/Resources.vbs
Resource
win10v2004-20240226-en
Behavioral task
behavioral23
Sample
malware-collection-master/Ransomware/eda2/eda2/eda2/bin/Debug/eda2.exe
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
malware-collection-master/Ransomware/eda2/eda2/eda2/bin/Debug/eda2.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral25
Sample
malware-collection-master/Ransomware/eda2/eda2/eda2/obj/Debug/eda2.exe
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
malware-collection-master/Ransomware/eda2/eda2/eda2/obj/Debug/eda2.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral27
Sample
malware-collection-master/Ransomware/eda2/webpanel/lib/Crypt/AES.js
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
malware-collection-master/Ransomware/eda2/webpanel/lib/Crypt/AES.js
Resource
win10v2004-20240226-en
Behavioral task
behavioral29
Sample
malware-collection-master/Ransomware/eda2/webpanel/lib/Crypt/Base.js
Resource
win7-20240221-en
Behavioral task
behavioral30
Sample
malware-collection-master/Ransomware/eda2/webpanel/lib/Crypt/Base.js
Resource
win10v2004-20240226-en
Behavioral task
behavioral31
Sample
malware-collection-master/Ransomware/eda2/webpanel/lib/Crypt/Blowfish.js
Resource
win7-20240221-en
Behavioral task
behavioral32
Sample
malware-collection-master/Ransomware/eda2/webpanel/lib/Crypt/Blowfish.js
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/My Project/Resources.resx
-
Size
5KB
-
MD5
c07716633f086d91759ae32a18996a1a
-
SHA1
bf3383c20acf6e64ce49f120938456161e5f6cb9
-
SHA256
4e124f5a7694ffe813c60601b1b73c53e47536b1f1c0e798d4d55bfc2ca3774f
-
SHA512
c6ad0ec603ff69d2d1b787db9426f29d44ea1ba45cf1d2b7ec41cc2bd6d5c93af8d2299139cc1c5d10d56718f36daa37d544f8d5411fad91a72efc2e70454cdf
-
SSDEEP
96:ECf+lbD5X5LPXCazYV5Lv6K6uOidfaxwsxuUPFE3qxdRMvDTursrbLAy202W:Zf+tLPfYnLvFVOiFQaUR6
Score 1/10
-
-
Target
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/bin/Debug/ShellLocker.exe
-
Size
679KB
-
MD5
5f3a3ee275a03ac1c2fa5482649b6471
-
SHA1
9673a5a87428e3b38e65f2cd922946d47c4a329b
-
SHA256
c9661b2f5274b1835d64e6d58ea5a8ff58ffa8d9d19a9a31bd43f074c6e2eb69
-
SHA512
405139d37c3ec224f96316a59b2764d159d750d480acbbbc77c7bb8f46d9709dbcbea60cfe6d6f500d72e4b23b88ac52951bf13fb34ad81ffde9d5c32b0fb46a
-
SSDEEP
12288:/W3FwqcxVUmAb35S9DLF4YMQ9WhueDFEkSstBZfMUpqv:/W3FwqcxKmgBkW8dstXEUpqv
Score 1/10
-
-
Target
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/bin/Debug/ShellLocker.vshost.exe
-
Size
22KB
-
MD5
5a968502b84a268ca84018f1a9f6bb59
-
SHA1
473b76e89014eebfaa03aa6c3b741dc3747c98c7
-
SHA256
58d46a3801c280908698ef4ff789546427b9be7cd78f61a7533cc2f56c1b881b
-
SHA512
73b0a1903b92e95ca0251e78a18d4fbdf61be15ec29f283488a7c3914ca2bdbb4267a4f5f86e0cd20a809bed1f0f0e804189da541a58a50df35271107f0c1bd6
-
SSDEEP
384:TICPZQWMPW7SUA0GftpBjcV+ILKHRN7illI66s1:8WAMiWVm566
Score 3/10
-
-
Target
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/bin/Release/chatwithus.exe
-
Size
94KB
-
MD5
794611fca6474ec37bbe5dbff3b475ab
-
SHA1
adacbabeac5b164bbe30d441efde2daee3a878c5
-
SHA256
4f6ccc3d4a62fd0cf7af7ed63ac12f90f46261f251cab3dc2783cad4674a9e05
-
SHA512
539669178baf248a9d992d595d29e9b7b0286b4a78e5140c7a09bc253277492fe7e61b32f3e5885d8e65c5ef76d733ae9c73f3d9de571e4e0ac079f5408ee698
-
SSDEEP
1536:fbsbfRKrE4FG4qWE0lcdCgJiWE0lcdCgJ4skgx:fbs0rlFG8oBJJoBJ4dgx
Score 7/10
Drops startup file
-
Sets desktop wallpaper using registry
-
-
-
Target
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/obj/Debug/ShellLocker.exe
-
Size
679KB
-
MD5
5f3a3ee275a03ac1c2fa5482649b6471
-
SHA1
9673a5a87428e3b38e65f2cd922946d47c4a329b
-
SHA256
c9661b2f5274b1835d64e6d58ea5a8ff58ffa8d9d19a9a31bd43f074c6e2eb69
-
SHA512
405139d37c3ec224f96316a59b2764d159d750d480acbbbc77c7bb8f46d9709dbcbea60cfe6d6f500d72e4b23b88ac52951bf13fb34ad81ffde9d5c32b0fb46a
-
SSDEEP
12288:/W3FwqcxVUmAb35S9DLF4YMQ9WhueDFEkSstBZfMUpqv:/W3FwqcxKmgBkW8dstXEUpqv
Score 1/10
-
-
Target
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/obj/Debug/TempPE/My Project.Resources.Designer.vb.dll
-
Size
6KB
-
MD5
d321f21513674048443264683e997992
-
SHA1
61f59da8227b3cbf9dec78a098c9a0b37236d640
-
SHA256
cb7736ac7557082aefb50baca5ae9541a8090c772c1b9a89196474e09e0bdddd
-
SHA512
a87cd10cbac3e1d6d994c161bdf3b5444c1560daea21f103da98c238179942df4c7ef038347273c305313fd1dd1f0c6c3722ecbe6634176914b6d3d41fea4405
-
SSDEEP
96:9ovn4Z5lK+49cGLq1BH9OHmOd2nigM1TThIW1PnEfpH9Bux84Wk97pInmK:96sEbXW1BHQGO461TThIW1PnaJ0l6V
Score 1/10
-
-
Target
malware-collection-master/Ransomware/Shell Locker - Source Code/ShellLocker/ShellLocker/obj/Release/TempPE/My Project.Resources.Designer.vb.dll
-
Size
6KB
-
MD5
cc7a5f9f4a46fe1f777865569dea964a
-
SHA1
c18f49a827bcc279a1a0a7661574e4b755cecb7c
-
SHA256
711fdad8e5a1ad914bed61dce60cabac328d7108aff4874306a8a9abce947903
-
SHA512
cb1dbc1d0abb51dcf7c8e83fdc0bb58a1d41449edaaca715e7eb4befab57148ed94e3a9d80efb6f578e6257db167ade1ce0d0a56ea4efbceaca5b0611d5c8ed9
-
SSDEEP
96:+Tvn4Z5lfZ8Qym8GzXHyOHmOd2niXM1TThIW1PnEfpH9kx84Wk97RnmK:osfmngXH9GO411TThIW1PnaKldV
Score 1/10
-
-
Target
malware-collection-master/Ransomware/eda2/eda2/eda2/Form1.cs
-
Size
8KB
-
MD5
d38de550ba4aeff404c8421fdf5ae192
-
SHA1
6209b04561063ec3e207debd6c91c03da2ef68c5
-
SHA256
25af708af5ffc8067f2d086d022cb77820fce747c3ddc41d9d24bff1ff3834bc
-
SHA512
15741ede9411aab22ecc95c714af8b78be595065599b0933fd1eff789185cafb69ea548a77c9fb4b07ad132d68483417bb2b3228dbbbd1505d76577e7fec9cc2
-
SSDEEP
192:ujRag+PeMSIamWrpB4/1WPB4/20XC5KYpwUS1ajSCp9IaC6xy:ujRagkMP9B4/oPB4/eLS1a4
Score 1/10
-
-
Target
malware-collection-master/Ransomware/eda2/eda2/eda2/Form1.resx
-
Size
150KB
-
MD5
c2c86dc2c6d133abae64c4170aec2765
-
SHA1
73fcfa975496f5c32193e7b652433838788e6038
-
SHA256
9f7637b3a10ac9d4737e83febdd636bc84fbcaf73764f72e6d9ad650b5fb6302
-
SHA512
7b21a8b96266070ca825f75077e431551b74f0b1fed38e16eab1872ebd12b4f31b3760ed34f85ed35b294d9c480ab4af687df35103164b811cff6232232c74b4
-
SSDEEP
768:ZfWMnXOiWa4FrlSFxrhORaTo7N+BnPjsWpjfhByENdRQsJs6tdTOEgqdm+soeyzu:ZfIiWnlqgaTuN2no2fbRqkdsWzPG
Score 1/10
-
-
Target
malware-collection-master/Ransomware/eda2/eda2/eda2/Properties/Resources.Designer.cs
-
Size
2KB
-
MD5
1260ded9410ea2c13e56041b871c928e
-
SHA1
3ef888ea58c2987a8cab5ef35b7d137021acc8f2
-
SHA256
36c8612d63d12af1b361cde257b7a128066d1e25f9837182d953328ce56401ae
-
SHA512
693d4f0d67ed3b8ea6994ea71a1312357f5529c2616ecb502a55ce6324d3595c0a248da7ebce856709e1ddabded247b7ef8fb6baf8ee416392d851cfe1b224d1
Score 1/10
-
-
Target
malware-collection-master/Ransomware/eda2/eda2/eda2/Properties/Resources.resx
-
Size
5KB
-
MD5
c07716633f086d91759ae32a18996a1a
-
SHA1
bf3383c20acf6e64ce49f120938456161e5f6cb9
-
SHA256
4e124f5a7694ffe813c60601b1b73c53e47536b1f1c0e798d4d55bfc2ca3774f
-
SHA512
c6ad0ec603ff69d2d1b787db9426f29d44ea1ba45cf1d2b7ec41cc2bd6d5c93af8d2299139cc1c5d10d56718f36daa37d544f8d5411fad91a72efc2e70454cdf
-
SSDEEP
96:ECf+lbD5X5LPXCazYV5Lv6K6uOidfaxwsxuUPFE3qxdRMvDTursrbLAy202W:Zf+tLPfYnLvFVOiFQaUR6
Score 1/10
-
-
Target
malware-collection-master/Ransomware/eda2/eda2/eda2/bin/Debug/eda2.exe
-
Size
208KB
-
MD5
9ed4b9ace2563ce02973e94999e5081e
-
SHA1
7c69fd4f8650370ce07d18436ee4a44185f4f529
-
SHA256
fa2a9561a0cfc535908b8b39168391d4f87c685e8d95f52a51d194cc7264ba37
-
SHA512
6d48b956cbfc2d1a27a89e082bd7f914b5aeac8e00339a961cd1a18bab860185a64bb471f71e69e4bd1cacb801f57df140dffe7fd6b5b007eb2ec4b5540f8031
-
SSDEEP
3072:etRM+lmsolAIrRuw+mqv9j1MWLQ5MTmmsolNIrRuw+mqv9j1MWLQ5:1+lDAArTmDAN
Score 1/10
-
-
Target
malware-collection-master/Ransomware/eda2/eda2/eda2/obj/Debug/eda2.exe
-
Size
208KB
-
MD5
9ed4b9ace2563ce02973e94999e5081e
-
SHA1
7c69fd4f8650370ce07d18436ee4a44185f4f529
-
SHA256
fa2a9561a0cfc535908b8b39168391d4f87c685e8d95f52a51d194cc7264ba37
-
SHA512
6d48b956cbfc2d1a27a89e082bd7f914b5aeac8e00339a961cd1a18bab860185a64bb471f71e69e4bd1cacb801f57df140dffe7fd6b5b007eb2ec4b5540f8031
-
SSDEEP
3072:etRM+lmsolAIrRuw+mqv9j1MWLQ5MTmmsolNIrRuw+mqv9j1MWLQ5:1+lDAArTmDAN
Score 1/10
-
-
Target
malware-collection-master/Ransomware/eda2/webpanel/lib/Crypt/AES.php
-
Size
6KB
-
MD5
91c7c2adec8eb76606187c3a3ae03516
-
SHA1
e401d7e5c61d605697cd0039e48bef1d716ec5c9
-
SHA256
64a960151b291376234896ce6af125d63a73c05e9b0233c57d8f4e776a7bfdf3
-
SHA512
e93e37eecbe24a7df1eb18ce7ab151cfb8993f793c4506d27eb081ca7652099b932ae0884689372d328c67074144b21f47f7439396ec09014bf991a38ee44a3a
-
SSDEEP
96:tkfNX1gtYMQHqEoY5t8tK/emhDglGRgxbKJCxHKf4nQo1eu8L:wqYMQHRqE/eDGwsf4Qo1eu8L
Score 1/10
-
-
Target
malware-collection-master/Ransomware/eda2/webpanel/lib/Crypt/Base.php
-
Size
95KB
-
MD5
7dbfc9ae2150a4aef6c287509f039edf
-
SHA1
e61738644a67602e95bc9efbc26051a80c8e1f55
-
SHA256
d90a197b7eabf36a2238d93f70b7e9f6a2a6caf6a203ddf040c85be9cc6bd3cb
-
SHA512
3cbb27dee33aa455764d259adf7145521c35915f9d0e84275805b4681ac536af9df821388da603d283b74d3da0ad52be2f48b7a7ece001bc5790c717b909c223
-
SSDEEP
768:gpNwdYFWcywvkt0DGcr2on07vlfMOGHFnEeLi+:gpNcgywvkt0Eo07WOGHFvi+
Score 1/10
-
-
Target
malware-collection-master/Ransomware/eda2/webpanel/lib/Crypt/Blowfish.php
-
Size
28KB
-
MD5
878e28976c213120054e75cadb110de0
-
SHA1
2e2bde288eac57280fdb2e325c52e9587a9e178b
-
SHA256
322562d6c11738d8f9945f2647973238580375e113af2557bf4214ae4292e8e8
-
SHA512
559c65d5f5d3a5e8298aa584af71a938382af46a173610bb2197b82d6391873d8690062182366eb9a14fdd9b08bdcfb8ba21560d78699cff52c2639e540e755f
-
SSDEEP
768:mFRodA3UG1A5GXIFC6w3vJwQgSut7IQZS2H:mFOS3n14LwKvR7IN2H
Score 1/10