General
-
Target
00688ead526d7ae741450c176a3c9a0a24f4da5980c6c7c09b6088fbee205d7f
-
Size
1002KB
-
Sample
240529-hycdjsed9t
-
MD5
6eb93471d34dce78877ebc870816238f
-
SHA1
288796474024860cd052925518947e71da404aeb
-
SHA256
00688ead526d7ae741450c176a3c9a0a24f4da5980c6c7c09b6088fbee205d7f
-
SHA512
1e7e6dcddd3d799e1180a2e0edb37f61b170ffb2d6ccc32fc13057c0ce39aa379217c46749c390f63af727e5041a374b612753babdbdb8aaf893e51118ec3ea6
-
SSDEEP
24576:eUBPDxG9OhoBEbxWx7wS1XKNPe3U+Emr:eU5NQqWxtKl6wg
Static task
static1
Behavioral task
behavioral1
Sample
00688ead526d7ae741450c176a3c9a0a24f4da5980c6c7c09b6088fbee205d7f.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
00688ead526d7ae741450c176a3c9a0a24f4da5980c6c7c09b6088fbee205d7f.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Avoslocker Ransomware
Avoslocker is a relatively new ransomware that was observed in late June and early July 2021.
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Modifies boot configuration data using bcdedit
-
Renames multiple (10383) files with added filename extension
This suggests ransomware activity, namely encrypting all the files on the system.
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Sets desktop wallpaper using registry
-