General
-
Target
9be3b8dff2d24146e732fa8f81b1a56860b579622e31c991ceaf847ade9717ae.zip
-
Size
275KB
-
Sample
201026-n4fypbhbmn
-
MD5
e10141efbb389f9d30ef6346f4be3318
-
SHA1
ce3af708f3375049fb39321ac93a5a3cc4b3125c
-
SHA256
333228ab18216ac15c4e52529b43efb7364502b588d93d41e964789a5f081373
-
SHA512
c9f28cc5295cce556b71c4935dfbbd2fa8459337ec49856b373b312f5b7b3b216203632ebbad8c998f693b2bba025812e936a6f02d212f112ff3c4496a9212aa
Static task
static1
Behavioral task
behavioral1
Sample
9be3b8dff2d24146e732fa8f81b1a56860b579622e31c991ceaf847ade9717ae.exe
Resource
win7
Behavioral task
behavioral2
Sample
9be3b8dff2d24146e732fa8f81b1a56860b579622e31c991ceaf847ade9717ae.exe
Resource
win10
Malware Config
Extracted
C:\Users\Admin\Desktop\README_encrypted.txt
Targets
-
Target
9be3b8dff2d24146e732fa8f81b1a56860b579622e31c991ceaf847ade9717ae
-
Size
592KB
-
MD5
2bc8eb9cd7e24da82800105ce3fc52e7
-
SHA1
1b75ab3c677b082fae270da1e8d0d2841837d67a
-
SHA256
9be3b8dff2d24146e732fa8f81b1a56860b579622e31c991ceaf847ade9717ae
-
SHA512
ded152931da733433c4b6921313019cae0749bdff91d19bddf489478547628b3a4dcf42438515c83e965b38c7ce256cdba408fe22b68777c583cae014e5d2903
Score
10/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Modifies service
-