General
-
Target
1fd07b8d1728e416f897bef4f1471126f9b18ef108eb952f4b75050da22e8e43
-
Size
2.0MB
-
Sample
230522-jhz1cahf3v
-
MD5
08e76dd242e64bb31aec09db8464b28f
-
SHA1
3f3f62c33030cfd64dba2d4ecb1634a9042ba292
-
SHA256
1fd07b8d1728e416f897bef4f1471126f9b18ef108eb952f4b75050da22e8e43
-
SHA512
2aaac092a07e7238e73f7ed02243500de6f0c34182ab894eb6adb4364212b852301191c866dffa3450b8f795217b3f649b8eda91e604f5784523b7c22efbcaa8
-
SSDEEP
49152:8ddZj/Jrb/TyvO90dL3BmAFd4A64nsfJ7j7TPtGzd4RgLj2Dau/oZz/Fz1/:8dHj7KBg5ov
Static task
static1
Behavioral task
behavioral1
Sample
1fd07b8d1728e416f897bef4f1471126f9b18ef108eb952f4b75050da22e8e43.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
1fd07b8d1728e416f897bef4f1471126f9b18ef108eb952f4b75050da22e8e43.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
Target
1fd07b8d1728e416f897bef4f1471126f9b18ef108eb952f4b75050da22e8e43
Score: 9/10
-
Renames multiple (7498) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Renames multiple (7798) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Deletes itself
-
Drops startup file
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.