General

  • Target

    10887d13dba1f83ef34e047455a04416d25a83079a7f3798ce3483e0526e3768.exe

  • Size

    153KB

  • Sample

    250410-kcf6qawwcw

  • MD5

    d96adf82f061b1a6c80699364a1e3208

  • SHA1

    1e71d6f6fa31cfcc7c96ca8f74e63f6427722fd3

  • SHA256

    10887d13dba1f83ef34e047455a04416d25a83079a7f3798ce3483e0526e3768

  • SHA512

    54635929cd4514b840494c58ca59337644e67e6e6a53dfa22c54b0c8c2aaa2caaeba9b58bf62967177fc867299cd72a1c339bc29541bb7d7b8d9328678d4e343

  • SSDEEP

    3072:dV+bSXmSOa792a6bpNecigiOPsnpriT9:D4SXK6t6LE2T

Targets

    • Target

      10887d13dba1f83ef34e047455a04416d25a83079a7f3798ce3483e0526e3768.exe

    • HelloKitty Ransomware

      Ransomware family that has been active since late 2020; in early 2021 a variant compromised the CD Projekt Red game studio.

    • Hellokitty family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
