General
-
Target
37924698d48454exeexeexeex.exe
-
Size
843KB
-
Sample
230706-s3qf3sdg6v
-
MD5
37924698d48454df2b486429f3f75c8c
-
SHA1
04a99995340a925fc814198801ef98dc7cb2290c
-
SHA256
3c049a4ab2751f51e99c90ccf937d7852e6914459252ffb85757fa02bc8bceb4
-
SHA512
2d80843a089f58353d1bcdaf7e7ee1136672ca0bdaaa8f592718e701bc2d77c7c259a57aba0f6ea4478e9a74999bed4638bdfb94800a59db26094ad053db0747
-
SSDEEP
24576:wtE2HD/tvy3I+0h5AeM5vNhAhEzEfoBefYrhMTEUrVUo59:wtE29y3CtMhAhEW3EKUoP
Static task
static1
Behavioral task
behavioral1
Sample
37924698d48454exeexeexeex.exe
Resource
win7-20230703-en
Behavioral task
behavioral2
Sample
37924698d48454exeexeexeex.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
-
-
Target
37924698d48454exeexeexeex.exe
-
Size
843KB
-
MD5
37924698d48454df2b486429f3f75c8c
-
SHA1
04a99995340a925fc814198801ef98dc7cb2290c
-
SHA256
3c049a4ab2751f51e99c90ccf937d7852e6914459252ffb85757fa02bc8bceb4
-
SHA512
2d80843a089f58353d1bcdaf7e7ee1136672ca0bdaaa8f592718e701bc2d77c7c259a57aba0f6ea4478e9a74999bed4638bdfb94800a59db26094ad053db0747
-
SSDEEP
24576:wtE2HD/tvy3I+0h5AeM5vNhAhEzEfoBefYrhMTEUrVUo59:wtE29y3CtMhAhEW3EKUoP
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-