Overview

overview

10

Static

static

3

25af3ae9f4...ca.exe

windows7-x64

10

25af3ae9f4...ca.exe

windows10-2004-x64

10

Resubmissions

13-07-2024 18:55

240713-xk64bstakj 10

13-07-2024 18:50

240713-xg3xhavfjb 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    samples_pcap.zip

  • Size

    20.5MB

  • Sample

    240713-xk64bstakj

  • MD5

    a37a8feea4cf91fe2223efd28a48e1aa

  • SHA1

    87b970c0012f7dfb630819ba3302dc87db360ffd

  • SHA256

    273ffc020f3bae8049be32d6b73371f35147f84ef19dfdad91217cdca3632d23

  • SHA512

    b402fee4ba98899312351bd4e6e2d1b6fccf5670f1ac702c5c707fa04e8c6734fda7f0ced26285557584cf2b0863b14746baa747738a5d7db042f64999571532

  • SSDEEP

    393216:kWsa0cDnk94tFL8zQSAJFn6vKDpPIbxnWqYNIuXPjr33vTvyApcn:kWswWus26SDpPI9Ujrr33v+H

Score
10/10
demonwarepyinstallerransomware

Malware Config

Extracted

Path

C:\Users\Admin\Desktop\README.txt

Ransom Note
Tango Down Bitch! Seems like you got hit by GAmmA Group! Don't Panic, you get to have your files back! GAmmAWare uses a basic encryption script to lock your files. This type of ransomware is known as CRYPTO. You'll need a decryption key to unlock your files. Your files will be deleted when the timer runs out, so you better hurry. You have 10 hours to find your key! Payment is accepted with Bitcoin only, Or Google [How to buy Bitcoin] Payment 0.052 BTC to: 1sd2WD1fEJnUPkGgfTEciWENKtLeUGMQe After Payment is confirmed Please Email: [email protected] with your IP/hostname & BTC transaction ID to receive your decryption key. Kind regards, GAmmA GrouP
Wallets

1sd2WD1fEJnUPkGgfTEciWENKtLeUGMQe

Targets

    • Target

      25af3ae9f4ebe5413b0ca1080b69b0ca.bin

    • Size

      11.3MB

    • MD5

      25af3ae9f4ebe5413b0ca1080b69b0ca

    • SHA1

      c34e2a2d8ba0aaea3913227de0cbf87cad4ebd1b

    • SHA256

      2d95507aa1ea5d2a6313bc5c201cf76e6aae4c207aa0fafe8f1fcb03e94102ec

    • SHA512

      b7194be16c8d4db0fc8305165c6d0e0aa6684b36c58855d9fab11e0d59d8bf004475df9932588cabebeff7d4f9a71dfa6bd8e985cfde1e318eb34e6880960ff2

    • SSDEEP

      196608:ZDgEmz555jYu/mmWeeOuWJysVYvsOFDeECRl2Ewf8jI48RmU/3ZlsPv+dvSh8CDw:Pmz51TWeeDWJVHykUtN3ZWMp

    Score
    10/10
    demonwareransomware
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks