General
-
Target
d17ff05fe3ecccb7d80327f6907c260d336816ec7fb6d3ae54e58de86e2caee4
-
Size
1000KB
-
Sample
240531-rx54xacb39
-
MD5
bdd8042e0cad403db7265bd31c9cac69
-
SHA1
6ddb13bca925dd49782555ea0cb58dcd89fff96c
-
SHA256
d17ff05fe3ecccb7d80327f6907c260d336816ec7fb6d3ae54e58de86e2caee4
-
SHA512
c6a47b4f48e88ba27993b19f928bb9e05b157fc98ba9a702624e4ec2efcb5323e81057e6120dc8c9ae0aa953cffb1fed0c944e229025d2ff05a22ec08e0e87c5
-
SSDEEP
12288:1EmO+SxQsd/rl/tCJIsREL1Z8a5ghFW2Dd0Ri5cu2V4hib9qVEbBU4x8w9+C0GA9:ujxQajlmIuyDZoqRi5cTNp7bwCRAyC9
Static task
static1
Behavioral task
behavioral1
Sample
d17ff05fe3ecccb7d80327f6907c260d336816ec7fb6d3ae54e58de86e2caee4.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
d17ff05fe3ecccb7d80327f6907c260d336816ec7fb6d3ae54e58de86e2caee4.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
d17ff05fe3ecccb7d80327f6907c260d336816ec7fb6d3ae54e58de86e2caee4
-
Score
10/10
-
Avoslocker Ransomware
Avoslocker is a relatively new ransomware that was observed in late June and early July 2021.
-
Renames multiple (10403) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops desktop.ini file(s)
-
Sets desktop wallpaper using registry
-