Extracted

• • Target

    a64dd20cad3f3bb1ef1277b9924b2de0a40ed4e5b013db68ab59efc04d47b692

  • Size

    514KB

  • MD5

    d57c0e39087d67b6d397ca2c738e38e1

  • SHA1

    11d1507651e6c2e25ff0a78febe0f06f5c1419c0

  • SHA256

    a64dd20cad3f3bb1ef1277b9924b2de0a40ed4e5b013db68ab59efc04d47b692

  • SHA512

    dbda08c451fc029e98e27a36fa6e654558a576b8c249e6e1cbe0a94ba4b3158d992c524c8f9e22a00247c9578d6a8601550b6c531423227daff262c98c3238c4

  • SSDEEP

    3072:bwaXfbBI4++rye6iLfMzmlOe4UKXqlc8Lm87wgZPzOmem0Oa9G8Y3:RXzin6MUKXSL/hLOH/

  Score

  10^/10

  discoverycontiransomware

  • Conti Ransomware

    Ransomware generally thought to be a successor to Ryuk.

    ransomwareconti

  • Renames multiple (65) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  behavioral1behavioral2