General
-
Target
df2175421c791abbbe00721d185b0126fdcfa65948c5df89db284ccd4ae65d4d
-
Size
534KB
-
Sample
240622-xb3pjsyhpe
-
MD5
8e8eaa9b81f664c796225ac49e9ecb71
-
SHA1
320e25a4b4918dd76582c7f7e68f3d68268b17f7
-
SHA256
df2175421c791abbbe00721d185b0126fdcfa65948c5df89db284ccd4ae65d4d
-
SHA512
66529bd7faa3275856fa87e7ec5ed250b0fc694f12e5fab2d1e84aa367844d42c7a19911065c9f2985752d55addc921797c77861081f2f40b5f1a69f84d935d0
-
SSDEEP
12288:1FF+1IiVMR/La01MZa03EiYIRKoMDKd+A1Ll7e7:1FFroMROFZa03EiYILWWvll74
Static task
static1
Behavioral task
behavioral1
Sample
df2175421c791abbbe00721d185b0126fdcfa65948c5df89db284ccd4ae65d4d.exe
Resource
win10-20240404-en
Malware Config
Extracted
C:\Users\DECRYPT-FILES.html
http-equiv="Content-Type"
http-equiv="Content-Style-Type"
Targets
-
-
Target
df2175421c791abbbe00721d185b0126fdcfa65948c5df89db284ccd4ae65d4d
-
Size
534KB
-
MD5
8e8eaa9b81f664c796225ac49e9ecb71
-
SHA1
320e25a4b4918dd76582c7f7e68f3d68268b17f7
-
SHA256
df2175421c791abbbe00721d185b0126fdcfa65948c5df89db284ccd4ae65d4d
-
SHA512
66529bd7faa3275856fa87e7ec5ed250b0fc694f12e5fab2d1e84aa367844d42c7a19911065c9f2985752d55addc921797c77861081f2f40b5f1a69f84d935d0
-
SSDEEP
12288:1FF+1IiVMR/La01MZa03EiYIRKoMDKd+A1Ll7e7:1FFroMROFZa03EiYILWWvll74
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Drops startup file
-
Sets desktop wallpaper using registry
-