General
-
Target
NEAS.fb005d1a19169ed3e68ef99d81bf6170_JC.exe
-
Size
216KB
-
Sample
231031-vepwradd37
-
MD5
fb005d1a19169ed3e68ef99d81bf6170
-
SHA1
c349a2c6c7c27483483dec3d1baf1949d9a5fcd8
-
SHA256
adcd32bf6c923eed16069a9cdbe93572825a4e256ddaaef69119aaad43ff07a4
-
SHA512
82c7cafd5c7280a776ca2aba571f2f774052c22e3a50e0c26de6418bd4eca6b9fd3bbcd126162b0fb5596d6a30fd71a50a22b55adc821c9dc11c1c53880a3b99
-
SSDEEP
3072:6e7Wpcm4HISSP4jgbEl4TWZFU6TcTSWEmOTcTSWEmZe7Wpcm4HISSP4jgbEl4TWR:Rqe6CgbEWToZPqe6CgbEWToZT
Malware Config
Targets
-
-
Target
NEAS.fb005d1a19169ed3e68ef99d81bf6170_JC.exe
-
Size
216KB
-
MD5
fb005d1a19169ed3e68ef99d81bf6170
-
SHA1
c349a2c6c7c27483483dec3d1baf1949d9a5fcd8
-
SHA256
adcd32bf6c923eed16069a9cdbe93572825a4e256ddaaef69119aaad43ff07a4
-
SHA512
82c7cafd5c7280a776ca2aba571f2f774052c22e3a50e0c26de6418bd4eca6b9fd3bbcd126162b0fb5596d6a30fd71a50a22b55adc821c9dc11c1c53880a3b99
-
SSDEEP
3072:6e7Wpcm4HISSP4jgbEl4TWZFU6TcTSWEmOTcTSWEmZe7Wpcm4HISSP4jgbEl4TWR:Rqe6CgbEWToZPqe6CgbEWToZT
Score9/10-
Renames multiple (1212) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Renames multiple (2658) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-