General
-
Target
Dolphin.ini
-
Size
50B
-
Sample
250317-fz2cys1whx
-
MD5
c65f0a827d3445544eb211f91f034c40
-
SHA1
05fa6235b93939cbe7324d3df7333d5c5dbe7e49
-
SHA256
7f91e1e0839c047b1cbfb65f84d444dac70d3cd16f8e4f06ed7278bfe6212571
-
SHA512
63abc244862ed06c9f67b009b6c25994686cea8b7504112c46c4214843aa4a4b74a974e7279248f0e8f17a4b9b3cde54d4ee4345e422627e7895c9796c4824e0
Malware Config
Targets
-
-
Target
Dolphin.ini
-
Size
50B
-
MD5
c65f0a827d3445544eb211f91f034c40
-
SHA1
05fa6235b93939cbe7324d3df7333d5c5dbe7e49
-
SHA256
7f91e1e0839c047b1cbfb65f84d444dac70d3cd16f8e4f06ed7278bfe6212571
-
SHA512
63abc244862ed06c9f67b009b6c25994686cea8b7504112c46c4214843aa4a4b74a974e7279248f0e8f17a4b9b3cde54d4ee4345e422627e7895c9796c4824e0
Score9/10-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Disables Task Manager via registry modification
-
Modifies Windows Firewall
-
Suspicious Office macro
Office document equipped with 4.0 macros.
-
ASPack v2.12-2.42
Detects executables packed with ASPack v2.12-2.42
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-