General
-
Target
273ffc020f3bae8049be32d6b73371f35147f84ef19dfdad91217cdca3632d23
-
Size
20.5MB
-
Sample
240713-xkmdxsvfrf
-
MD5
a37a8feea4cf91fe2223efd28a48e1aa
-
SHA1
87b970c0012f7dfb630819ba3302dc87db360ffd
-
SHA256
273ffc020f3bae8049be32d6b73371f35147f84ef19dfdad91217cdca3632d23
-
SHA512
b402fee4ba98899312351bd4e6e2d1b6fccf5670f1ac702c5c707fa04e8c6734fda7f0ced26285557584cf2b0863b14746baa747738a5d7db042f64999571532
-
SSDEEP
393216:kWsa0cDnk94tFL8zQSAJFn6vKDpPIbxnWqYNIuXPjr33vTvyApcn:kWswWus26SDpPI9Ujrr33v+H
Malware Config
Extracted
C:\Users\Admin\Desktop\README.txt
1sd2WD1fEJnUPkGgfTEciWENKtLeUGMQe
Targets
-
-
Target
25af3ae9f4ebe5413b0ca1080b69b0ca.bin
-
Size
11.3MB
-
MD5
25af3ae9f4ebe5413b0ca1080b69b0ca
-
SHA1
c34e2a2d8ba0aaea3913227de0cbf87cad4ebd1b
-
SHA256
2d95507aa1ea5d2a6313bc5c201cf76e6aae4c207aa0fafe8f1fcb03e94102ec
-
SHA512
b7194be16c8d4db0fc8305165c6d0e0aa6684b36c58855d9fab11e0d59d8bf004475df9932588cabebeff7d4f9a71dfa6bd8e985cfde1e318eb34e6880960ff2
-
SSDEEP
196608:ZDgEmz555jYu/mmWeeOuWJysVYvsOFDeECRl2Ewf8jI48RmU/3ZlsPv+dvSh8CDw:Pmz51TWeeDWJVHykUtN3ZWMp
Score10/10-
DemonWare
Ransomware first seen in mid-2020.
-
Loads dropped DLL
-
-
-
Target
decryptor.exe
-
Size
9.6MB
-
MD5
4de3f7ed12fda2142563c791fe609867
-
SHA1
bce2ddb9861406067270a6e3bd19c42f50babc0d
-
SHA256
3f03e20b29331ecd88d69309adb9897ce749265441f13e049c458894fbc189ca
-
SHA512
13c8c101655f1169ac9a66ce62aae426b73d33c1a43923a2bd9847493b7b068f630e9cb9e1593cb23fd0120dc4a84f4809ba37a110da49187b0d1a2bf0ca48f8
-
SSDEEP
196608:ZegEmz+mWeeNuWJysVYvsO2DeECRl2Ewf8jI48RmU/3ZlsPv+djd8CaL3:QmXWeeEWJ4HykUtN3ZWMs3
Score7/10-
Loads dropped DLL
-