General

  • Target

    de0b74917fe24c2b38e2d1172b7352f88bf8b3df64b6d44ca5f317db85aeb324.exe

  • Size

    7.8MB

  • Sample

    241006-jw468azekf

  • MD5

    4e66429d85967e344d8354e9b81719dc

  • SHA1

    b958fb7241cc9675b8dd967b02df6a6ad92de52d

  • SHA256

    de0b74917fe24c2b38e2d1172b7352f88bf8b3df64b6d44ca5f317db85aeb324

  • SHA512

    8645025d5c94eb2580c6094f47f733a7ab27d1482e4e5bcc9f93dc0e419b4d50fc1a1e0236ba8204f07389136032a9ebe64f5ea9cd3e42ddf2879a516d6cbe09

  • SSDEEP

    196608:9RRRRRgRRRRRRRRRRRRRURRRRRRRRRRRRR/3LRcDRRRRRH56RRRRR9BcM9tpfHmH:9RRRRRgRRRRRRRRRRRRRURRRRRRRRRR6

Score
10/10

Malware Config

Extracted

Path

C:\Users\Admin\Desktop\CyberVolk_ReadMe.txt

Ransom Note
Greetings. All your files have been encrypted by CyberVolk ransomware. Please never try to recover your files without decryption key which I give you after pay. They could be disappeared? You should follow my words. Pay $1000 BTC to below address. My telegram : @hacker7 Our Team : https://t.me/cubervolk We always welcome you and your payment.
URLs

https://t.me/cubervolk

Targets

    Score
    10/10
    • Renames multiple (206) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v15

Tasks