Overview

overview

10

Static

static

1

2024-11-21...er.exe

windows7-x64

9

2024-11-21...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-21_169c109fcb0c747cfe80734e94fb2324_avoslocker_cobalt-strike_luca-stealer

  • Size

    881KB

  • Sample

    241121-cvs91axejd

  • MD5

    169c109fcb0c747cfe80734e94fb2324

  • SHA1

    26f6929fc675f8b63bf7f5837d58e37ed4f0378e

  • SHA256

    7572b7597accdd220bcabdd337c2479d4b1bfc45aca71ef23acd79ad6949499e

  • SHA512

    09199ce9011c0811b3b45834e3c7b87d7323809b381c4e1d327dc6f26d0f9709287f5bc1453ebd8a6a6316e3631e17081b72a59d60a2d6a68e13e02863bc7b4a

  • SSDEEP

    24576:FfXAuZSzePWK2FGkRXwSInFwLAXvcgfah36ZzY:aJzUjXkgfwqZzY

Score
10/10
defense_evasiondiscoveryexecutionimpactransomware

Malware Config

Extracted

Path

C:\Users\Admin\AppData\Local\Temp\Decryptfiles.txt

Ransom Note
ATTENTION! Don't worry, you can return your files! All your files like photos, videos and other important documents are encrypted with a strong encryption algorithm and unique key. The only method of recovering files is to purchase a decrypt tool and your key. Do not try to recover your files without a decrypt tool, you may damage them making them impossible to recover we advise you contact us as soon as possible, otherwise there is a possibility that your files will never be returned. We will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision. Check your email 'Spam' or 'Junk' foeder if you don't get answer within 6 hours. Contact us email :[email protected] Attach this file in the email. ID :952491211A5428C4C599FC0FBAD61E97601D9C4A1F2AEFD81AE5CE5E572B56450072B7734E59918E9B170ED6C81B40668BD60CF9CAB89FAA0407F1C785C059ACA8C3A8A817474A26D7C66032D810CBC66662A07EA1BC7DA2F27E22F882E085FEEADAC4308564E74FED7C39CADA570A6160CCF68F53B071CA507AD12D2231BB08430C417D30D84F07F1479F6EBB2F2D4EEAF40847CAB9A6417C2B4EBC5CE116FD0D6FBDE1027CDB0680DF7C57922786941E0A0AE3C33B1086676C5DD18D2CE1DDDA42A01D654673BE6F91FA84A1839A717A5D6A7A42103069E96C90367AC8DBE58521095EF158BAC5E1F697C69BFC55C4BF0E10F60D0BCEC49B9A6128FBDE489CD4259673E92E33DCEAD11507A173B0AE324F2044DC55DC4347A2EDA0ADC07ADFE8AF48A71BD7B0CE626D9A2CFD7CE0A8C3DDD9F4E651C126C780244314FA808D88B17B9CED3B6DA726895D3DC4875FA5F594675BA7A7517ED2ECEECA0E32C799A5A84DF802900D981DD4B3F348451417F18CE4F7B2F44FCB5AF38C9D56F19820946937DE3A4B06BEDDBB61269AB08784C4F4B07879D604C20CB8624073736258F12555557DBA13544437E175E7D9EC6FA47A28C8C6AF99A3814E0683E7875C599EB68F58D067BF9756EF25EF8291A8F3554C97CE0915CCEE97B61BD88D64AC39F497312ADAAA57F1EB5B1664BCD3BEE6A21984BA6BE5DA0A65025F4E50E7CADA8064D4784AD0C9C821EE14804158902A99E3F8A541164D505AED2AD22E8207CC32059E44365A19F49EA1D2B953A9DA4774C89CD5CC13F986857B40CAA3F75E4FBA4DF0E612DAE395AA3848AE595C7B0685769547D8E9970961E1BD1ED4D87374C8D42DF362CD843E7ED0B06A3AF3F2FADEF7B0C842394F1C14A3D5CC9EF578D8E874ACE13332E14B0AD43BC60C7CA4EE2E792B0792831456866AFE8D06ADAA2E65F63E8844C9EED5245E5BE5306712766953D6888E25544AA90799B3740BC3B50FE03C49BF3C6A000C21D232A6DE3E3B3557D886A1E8D6383B2D6FEADF310CF19289F368BF2B336A7F460C6DFF6BE445FA7CBB9E749E98F787EFA9199C4A6633E30DFD211D02B516CD4BDFE9FB1E669C934039EA5CE9CFE11745500621250C76F878580ECB792F6B02D3B5DBD89F6105CB06977DA96462527FF2FB6A96B1B9399E709DAD2ACF055CE7150CEA69425580A64A7CB92C73F78D7CC050125A6A21517834C47A2EBC135C0CAA014050C63B16BABB123EF3E17C14118C98DD3D3A414295117594633E05F559EDA48B11DE27F65502907E0296892F064F42361467A83339F0EED2B9DACE98FDCE5D3D61EAE2EBECC1B48DE46A9E80D819A0E390530418F336D5B8A268C576456F1E6106346109C2260F81F17388D87293186BC361B0B5ECE23E33D41982B9DC184F4E0C9CEFED97079A161DB8CC02938684A17CF855610B8F44BAC9354A0304C26DC24DF5F8FD85F02B3FC9E4C9C302C949CD9EB5E567F0108797C1813D21292041EF4D2E471AA4A072CCF99F1C20549746C835C818A65708D44DA73ECBE8D9F614E2F3020620FED3BD4903E5F0F8DE0FCAB62F611FD50FC2B324EAC33A5A39E57E633EFACDCC90234446517EBBFA131931FD5703754977D6039B9F997AF6033FE93E8039754A38037C72E906B441F55FBE8BBAEF6AADCEA45E656DBB9C8A232343DED04B876035FC46A03CA3A24535DAE8327121E9FC4FAA7C4889ECCA24267AE1E96D7076B70B84DA1B8E2E904292866B18A401560C89DF0F21C37C36D9A50812DBD8E5EEBCA878E470F0C1485876D6D846E1AC5DE9C99CEC634C9AA88A9139954EFADAF45C005511AACBBFD286B90A200350E96DF5DDC1FF825E48BD6445153AFEDD49BB129B4630A16856692975C7DE138C250552518AEA5C3A3C996D22E1163A7C0EC7179AEFD5E494CA415002CBED92C47F093F128A0F43A975365E6DA55878A6D68C5DF0DDB30006A4A9B059EF2CBD79AF63958E9A93A52D5C95F28EB8741412B8BAF7D6A88ABD308019901D2896339F97E8423F5E6AFB2BC65AD88F19998D0FDD8D3CFD42E0BEDEED77513528F7EDDD9BC28877C74CCDBB624DC2A4F558C6A192BAFE25407E9A6AE8326A8404CE8E41DA5E56EFEC3A97AA4695F1131A07F279194D350BC7919FA942FB1963E8CAFB483869D42A6519F71A0894E1C19E4950D26248136C72E433A311ECFD54B2750D94012E183A7049F26A797B010CDF235BBED63CA06A8E74AB3EDB69158A1FBEE671EBC2BE01020150826495CC90E4408CFAA691576D88DF87D40E91C12DF2FFFE5E623EDD8C87157B9DE83E3DC8CEC203C4D59096952773055EA31A35B95DCC169E80AF08C61D5F9A00E91447D4528B

Targets

    • Target

      2024-11-21_169c109fcb0c747cfe80734e94fb2324_avoslocker_cobalt-strike_luca-stealer

    • Size

      881KB

    • MD5

      169c109fcb0c747cfe80734e94fb2324

    • SHA1

      26f6929fc675f8b63bf7f5837d58e37ed4f0378e

    • SHA256

      7572b7597accdd220bcabdd337c2479d4b1bfc45aca71ef23acd79ad6949499e

    • SHA512

      09199ce9011c0811b3b45834e3c7b87d7323809b381c4e1d327dc6f26d0f9709287f5bc1453ebd8a6a6316e3631e17081b72a59d60a2d6a68e13e02863bc7b4a

    • SSDEEP

      24576:FfXAuZSzePWK2FGkRXwSInFwLAXvcgfah36ZzY:aJzUjXkgfwqZzY

    Score
    10/10
    defense_evasiondiscoveryexecutionimpactransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks