Extracted

Extracted

• • Target

    22d7d67c3af10b1a37f277ebabe2d1eb4fd25afbd6437d4377400e148bcc08d6.zip

  • Size

    38KB

  • MD5

    a673667a024d675ff980bb083fd0659b

  • SHA1

    1dc4af0fb817c38c7c01c7731ec8c4ca52ebf360

  • SHA256

    73c07aa4bd216ebe870b332144fa8ec206bd518823c627a29ff7499bd65d9f4b

  • SHA512

    892147ee3943a55ab766f10bd5c3c30d040b478a9b05973597bb2490ddd50ef32c1a161d5314ceabb6a9de6f39a85084f25bc00e7c1739baa2cd9e10960e8a0f

  • SSDEEP

    768:9r60vylcUdGrLHm/2V/8DgMQ2CEsbvy8MDeFdAE3Hn51+5i8OLQ5Ggpl4kb:kPBQfG+FM8rbvhFeU51OM05tl

  Score

  3^/10

  discovery
  behavioral1behavioral2behavioral3behavioral4behavioral5behavioral6behavioral7behavioral8behavioral9

• • Target

    22d7d67c3af10b1a37f277ebabe2d1eb4fd25afbd6437d4377400e148bcc08d6.exe

  • Size

    67KB

  • MD5

    598c53bfef81e489375f09792e487f1a

  • SHA1

    80a29bd2c349a8588edf42653ed739054f9a10f5

  • SHA256

    22d7d67c3af10b1a37f277ebabe2d1eb4fd25afbd6437d4377400e148bcc08d6

  • SHA512

    6a82ad5009588d2fa343bef8d9d2a02e2e76eec14979487a929a96a6b6965e82265a69ef8dd29a01927e9713468de3aedd7b5ee5e79839a1a50649855a160c35

  • SSDEEP

    1536:RzICS4AT6GxdEe+TOdincJXvKv8Zg3kl:qR7auJXSkZg3C

  Score

  10^/10

  blackmatterdiscoveryransomware

  • BlackMatter Ransomware

    BlackMatter ransomware group claims to be Darkside and REvil succesor.

    ransomwareblackmatter

  • Blackmatter family

    blackmatter

  • Renames multiple (190) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

  • Sets desktop wallpaper using registry

    ransomware

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  behavioral10behavioral11behavioral12behavioral13behavioral14behavioral15behavioral16behavioral17behavioral18