General
- Target: RNSM00408.7z
- Size: 30.3MB
- Sample: 241028-ytp2vawdke
- MD5: 487d488a75593b71d0fc2b45a1f7d730
- SHA1: fa9519a8b9f19146202340447fe8a4575dec4677
- SHA256: d7db27fbc0721000c168e3bf726bb9bd7f10c18c7ed49d3618e6b31e50191ac9
- SHA512: e0147341d939b6f108da49322017faf10b621cdf190b7ba1d2a986aace5caed931cf8617b29415c46af47e755654b54ce88bb84edd22f086d21095f169a280d9
- SSDEEP: 786432:LK/D9g7EtZFDeJQZWIaFA4W2LKU12ZOGuTmvWBeOtMbXQ/:GBDtZEZFzV9NuWg4MbXi
Static task
static1
Malware Config
Targets
- Target: RNSM00408.7z
- Detected Xorist Ransomware
- GandCrab payload
- Gandcrab family
- Xorist family
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2