General
-
Target
ransomware
-
Size
678KB
-
Sample
200630-ns1w3kbn4j
-
MD5
35271695a6202c514fef4520d49886ea
-
SHA1
8a7cc5c0f41ae45064a88ec67ab0e8a3ca2514f2
-
SHA256
58290a95e1795ec7312e4ce26bfff7e0fb7a620a3aac2627d3ae6c83f5a4bf60
-
SHA512
ff9e77f83fc28c4461cd335bb41b762e93ac57ad15c2489631ed4869a0c1d0fb94b1491629fcb29bb96629a5dcaaeedc9b31b07055d1465a14a685235fd8d4f9
Static task
static1
Behavioral task
behavioral1
Sample
ransomware.exe
Resource
win7
Behavioral task
behavioral2
Sample
ransomware.exe
Resource
win10v200430
Malware Config
Targets
-
-
Target
ransomware
-
Score
10/10
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials, etc.
-
Drops desktop.ini file(s)
-
Enumerates connected drives
-
Modifies service
-