General
-
Target
4731758b5f792686547e861c6bd86ccf88ddb63cba6fa6b048a46cfc5f146325.bin.sample
-
Size
12KB
-
Sample
230124-zrenrsfd7t
-
MD5
784d3d48c9f583292a9928697d7cf87b
-
SHA1
c6dbd334524d6e6361550995c33a76ad0b6793aa
-
SHA256
4731758b5f792686547e861c6bd86ccf88ddb63cba6fa6b048a46cfc5f146325
-
SHA512
ae2a34a08c35dca812812d21dedb2bde3f2153b5e25dff18b866be501630a7705f93a64e428577af7e3588a301f0c9dd309cf79513f4a7bd0b0b5e66edba2e52
-
SSDEEP
192:S/TrG62a6B10k3g4fXk1iTV3HGc7EkpAqEjvu2q9C/YpXnAITZfPtRMonWNo:SebFNw4Pk1itKkpAjjI2Ypdmo0o
Malware Config
Targets
-
-
Target
4731758b5f792686547e861c6bd86ccf88ddb63cba6fa6b048a46cfc5f146325.bin.sample
-
Size
12KB
-
MD5
784d3d48c9f583292a9928697d7cf87b
-
SHA1
c6dbd334524d6e6361550995c33a76ad0b6793aa
-
SHA256
4731758b5f792686547e861c6bd86ccf88ddb63cba6fa6b048a46cfc5f146325
-
SHA512
ae2a34a08c35dca812812d21dedb2bde3f2153b5e25dff18b866be501630a7705f93a64e428577af7e3588a301f0c9dd309cf79513f4a7bd0b0b5e66edba2e52
-
SSDEEP
192:S/TrG62a6B10k3g4fXk1iTV3HGc7EkpAqEjvu2q9C/YpXnAITZfPtRMonWNo:SebFNw4Pk1itKkpAjjI2Ypdmo0o
Score8/10-
Drops file in Drivers directory
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops file in System32 directory
-