Overview

overview

10

Static

static

3

cede0a34e9...ba.exe

windows7-x64

7

cede0a34e9...ba.exe

windows10-2004-x64

10

Resubmissions

20-03-2024 09:05

240320-k2b83aea3y 10

19-03-2024 09:41

240319-lnrl9sge29 10

16-03-2024 19:26

240316-x5j5asac31 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cede0a34e9d113730c70ff5bf98a26ba

  • Size

    23.5MB

  • Sample

    240316-x5j5asac31

  • MD5

    cede0a34e9d113730c70ff5bf98a26ba

  • SHA1

    6afb850b76ca0bff6ed1aaadd4b5232351807611

  • SHA256

    01846406554cd4b29e1d9bd0f35396fcb437b8f264edf4f86431bda7a530edbb

  • SHA512

    6da7515ba7b9bf1678e52d3fa1437a375b627376a84635a8b0c494daab5b2de49baba1b50ddb72eed8b33600a14259eceaf3aa13ec7f268751fd9cdcc2d65c24

  • SSDEEP

    393216:FlCFPLCEDo2WtYjUaNRDHvcrwhvr+bUn2KekLTP/WViHjL2ciIrHWTtN3ZWykTHS:FeCEDVfjrRj0r6+bUno0j4ILgtN35SD6

Score
10/10
demonwarepyinstallerransomware

Malware Config

Extracted

Path

C:\Users\Admin\Pictures\README.txt

Family

demonware

Ransom Note
Tango Down! Seems like you got hit by DemonWare ransomware! Don't Panic, you get have your files back! DemonWare uses a basic encryption script to lock your files. This type of ransomware is known as CRYPTO. You'll need a decryption key in order to unlock your files. Your files will be deleted when the timer runs out, so you better hurry. You have 10 hours to find your key C'mon, be glad I don't ask for payment like other ransomware. Please visit: https://keys.zeznzo.nl and search for your IP/hostname to get your key. Kind regards, Zeznzo
URLs

https://keys.zeznzo.nl

Targets

    • Target

      cede0a34e9d113730c70ff5bf98a26ba

    • Size

      23.5MB

    • MD5

      cede0a34e9d113730c70ff5bf98a26ba

    • SHA1

      6afb850b76ca0bff6ed1aaadd4b5232351807611

    • SHA256

      01846406554cd4b29e1d9bd0f35396fcb437b8f264edf4f86431bda7a530edbb

    • SHA512

      6da7515ba7b9bf1678e52d3fa1437a375b627376a84635a8b0c494daab5b2de49baba1b50ddb72eed8b33600a14259eceaf3aa13ec7f268751fd9cdcc2d65c24

    • SSDEEP

      393216:FlCFPLCEDo2WtYjUaNRDHvcrwhvr+bUn2KekLTP/WViHjL2ciIrHWTtN3ZWykTHS:FeCEDVfjrRj0r6+bUno0j4ILgtN35SD6

    Score
    10/10
    demonwareransomware
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks