General
Target: mslog.exe.zip
Size: 9.6MB
Sample: 211003-x4nq4afeg3
MD5: 82ece3f3723241b1edc4a3c288134a14
SHA1: f5d94a0f86ea23a09ba12defe6104c69415ca7c3
SHA256: ff7bc0e26149313a9645b535dc8307ea40b5502d2143314855da9d07d7268daa
SHA512: 2d3fb32dee9de61f657ce2c91f9113b0442edea591467778c434027495b77bddd6030e69c4477758d2f2acc1b234205e738715b7b9b1e702287916cd9981a9f7
Static task: static1
Behavioral task: behavioral1
Sample: mslog.exe
Resource: win7-en-20210920
Behavioral task: behavioral2
Sample: mslog.exe
Resource: win10v20210408
Malware Config
Targets
Target: mslog.exe
Size: 9.7MB
MD5: f203e938be3fe17ebf389ade9c6b2c9e
SHA1: 85c697602efae829e8765a671b36e705a7c96662
SHA256: f0676c64a2f27a02d7947ad41eecfcd9fde5b47ea8fcb9be2a3838cb7dc86128
SHA512: fcb03c204577fc655361610ee27db83eb87a18ed17291055ef0c94de9df5de18e0624972ab4148cc6d3c2ffbcd5e63cc6ceb59292fd468687fac935bafff0030
Score: 9/10
Modifies boot configuration data using bcdedit
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Loads dropped DLL
Suspicious use of NtSetInformationThreadHideFromDebugger