Extracted

• • Target

    1a130d16a9e828cccb6a2135cbd7f1615219979612e0bae67cbe7c9a9606cf51

  • Size

    501KB

  • MD5

    bf55c921b638ddf41a5120c90fe5f211

  • SHA1

    6a96dd8be36381d71eb7dac5f7a053064b546487

  • SHA256

    1a130d16a9e828cccb6a2135cbd7f1615219979612e0bae67cbe7c9a9606cf51

  • SHA512

    a3d91c51eb3bd59792f6cca32def989b4d069e489dcb74263f5f629fe300f4074b1a7d8a7a64410d7efc992e1d332108147aa0b2611e0777358749d7adfac166

  • SSDEEP

    12288:bGlEhiu/o/eXUG8nfBG5K92Qg+fgFfwjUKWXNDtn0lF620D4JNuq6JFcP:bGei/mUNaK9259wjU3dt0lF6264JArJs

  Score

  10^/10

  rookransomware

  • Rook

    Rook is a ransomware which copies from NightSky ransomware.

    ransomwarerook

  • Renames multiple (7075) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  behavioral1behavioral2