Extracted

• • Target

    3d08732963ffdae8596f89cdfd34a2ec24865278c0763221c003254eeaf67554

  • Size

    510KB

  • MD5

    8b61e82104aa373f668adcd01f4c060a

  • SHA1

    9d1d4969b82eb562c5b3fa25551d83d5ab2fc1f9

  • SHA256

    3d08732963ffdae8596f89cdfd34a2ec24865278c0763221c003254eeaf67554

  • SHA512

    46f0965fcf0ec30f85b3226cd61225df93fe12a72a55aede85183418e3b8dd3461726828a2c3df6bb8049ce318f9ad6793f9f7c1f4ab2de2e2b96186e15fa8fc

  • SSDEEP

    3072:Scb5hx6cAzJkv06HGiqeS3kDYwAM/cNfK89j8Qa34o7dVxtLEokHnU:SGF6cuVql/Y5icDNYVbd

  Score

  10^/10

  contidiscoveryransomware

  • Conti Ransomware

    Ransomware generally thought to be a successor to Ryuk.

    ransomwareconti

  • Renames multiple (64) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

  • Drops desktop.ini file(s)

  behavioral1behavioral2