General
Target
75684493a91c2b71fc7446d4a949eac03d26e7fc68ed9a19e3b3374fe4806dfb
Size
514KB
Sample
240908-xxsfps1glk
MD5
3d8f8da9897e81121c83d0d17c560452
SHA1
9829e8264216726f69e731394c08354e74a3b1f8
SHA256
75684493a91c2b71fc7446d4a949eac03d26e7fc68ed9a19e3b3374fe4806dfb
SHA512
de066843392b0fb410269142732885bb0e5f7cba8b78023d126d9ef14433451a8baa96b90091b9819d57a9e4cffd9ac44d733af46a4f70f5a0cc476f20293132
SSDEEP
3072:Qy3XfbBI4++rye6iLf2zKUAOe4UKXqlc8Lm87wgZPyzOmem0Oa9G8Y3:FXzin6raUKXSL/hIOH/
Static task
static1
Behavioral task
behavioral1
Sample
75684493a91c2b71fc7446d4a949eac03d26e7fc68ed9a19e3b3374fe4806dfb.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
75684493a91c2b71fc7446d4a949eac03d26e7fc68ed9a19e3b3374fe4806dfb.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
C:\Program Files (x86)\readme.txt
conti
http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/
https://contirecovery.click
Targets
Target
75684493a91c2b71fc7446d4a949eac03d26e7fc68ed9a19e3b3374fe4806dfb
Score 10/10
Renames multiple (56) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.