Extracted

Extracted

• • Target

    Revil_1.1c

  • Size

    102KB

  • MD5

    707009f5555115354ccb5a3b759e7a69

  • SHA1

    40d8a0b3970ce4ccb2ec2b165c5253708ee928ca

  • SHA256

    11fd806cd4c320bca9dc958b2dac04e43691242421db878f266a9a5b09e12240

  • SHA512

    fd1d419377dfddc15c4dbf3c493e7dee33d8b4fef5cc510694f8f4bb263953f08d8464a6bcabbeb367b048e9a8237eb6191751a9e83ecd9ea3eabb780bc60ac7

  • SSDEEP

    3072:db+XoBHfYu9gggwgggwgggwgggwgggfk+LoS:dpkvo

  Score

  10^/10

  ransomware

  • Manipulates ESXi

    Manipulates ESXi.

  • Enumerates running processes

    Discovers information about currently running processes on the system

  behavioral1

• • Target

    Revil_1.1d

  • Size

    102KB

  • MD5

    73041d7b9a93d3cda76e2a052ac02e82

  • SHA1

    f995852f291e2c946e15d20d020bb8e8defd317f

  • SHA256

    776ea636ee33aab6b2db5f46889b027c297280db37400efb091e0d4a9001a7d7

  • SHA512

    6f430874949362bf2d9d29153c0f9d0e5c53ea7bf69a44cf14c2627981d87ff0ad45fb12c26223dc33ceebf57b6113db37e347b2b4b2fa7ac037a63edc209371

  • SSDEEP

    3072:db+XoBHfYu9gggwgggwgggwgggwggg2k+LoS:dphvo

  Score

  10^/10

  ransomware

  • Manipulates ESXi

    Manipulates ESXi.

  • Enumerates running processes

    Discovers information about currently running processes on the system

  behavioral2

• • Target

    Revil_1.2a

  • Size

    106KB

  • MD5

    3801a926ee836b6907d2d13723693d2d

  • SHA1

    cdf39434bb78871e839312e600b6fe40dc782a1f

  • SHA256

    d42bcb0fca6d93ce4c9a78e5393f7e5949c7398ac598f7c55b76120739eac544

  • SHA512

    ec312353aa521e39be7f86fe350daf663f793b3ca43d5223cb0acf091ea45f2770125a62c73ec1dec52666c3b3048ea355522347773a894a14840a19f8b762bc

  • SSDEEP

    3072:LQ7b+XdBHttsNgggwgggwgggwgggwgggYSYVP:mZFlVP

  Score

  1^/10
  behavioral3