@delphoslabs : We flagged this binary as Conti-style ransomware before checking threat intel. All automated. No unpacking. No signatures. Just behavior: Threaded loader. AES/RSA encryption. Dynamic API calls. It screamed “Conti” before we did. Patterns > signatures. delphoslabs.com/uploads/2b4e9a… • TwiCopy

Delphos Labs

@delphoslabs

+ Follow

ID: 1817655932089982978

calendar_today28-07-2024 20:18:51

1 Tweet

25 Followers

1 Following

Delphos Labs

@delphoslabs

3 months ago

We flagged this binary as Conti-style ransomware before checking threat intel. All automated. No unpacking. No signatures. Just behavior: Threaded loader. AES/RSA encryption. Dynamic API calls. It screamed “Conti” before we did. Patterns > signatures. delphoslabs.com/uploads/2b4e9a…

thumb_up_off_alt3

chat_bubble_outline0

repeat1

shareShare