General
-
Target
play1.exe
-
Size
501KB
-
Sample
230605-y79cmsaf88
-
MD5
99f06260f5704409d6e2dfd938f537a7
-
SHA1
36bbefd6e70d4b4fa47cb75a255159d8033e2a23
-
SHA256
069a4348b28a37bf88f1c5b4385e202a3a08d43075d307e66489842273acd1b6
-
SHA512
110b506562782de8494b2ab5662bd5ad1ad38b0f4e33ee7e289187f7eed7794d86b3c417eecaade937788c50c161cf0f4ca7962a6467c3534707f125856b8fa4
-
SSDEEP
6144:X5p+lJPqveiFZNBf2ogKxdd+i8J/I4JQy/6UqyS+vo/V2IhAD25lSN:J0amid5gBZL/6UzN5Ihy6SN
Static task
static1
Behavioral task
behavioral1
Sample
play1.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
play1.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
play1.exe
-
Size
501KB
-
MD5
99f06260f5704409d6e2dfd938f537a7
-
SHA1
36bbefd6e70d4b4fa47cb75a255159d8033e2a23
-
SHA256
069a4348b28a37bf88f1c5b4385e202a3a08d43075d307e66489842273acd1b6
-
SHA512
110b506562782de8494b2ab5662bd5ad1ad38b0f4e33ee7e289187f7eed7794d86b3c417eecaade937788c50c161cf0f4ca7962a6467c3534707f125856b8fa4
-
SSDEEP
6144:X5p+lJPqveiFZNBf2ogKxdd+i8J/I4JQy/6UqyS+vo/V2IhAD25lSN:J0amid5gBZL/6UzN5Ihy6SN
Score10/10-
Renames multiple (8354) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Renames multiple (8441) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-