General
Target: bf04a197b4b9786a398841b00e9a9374a463df7fb23cf3866bfcf0e7b9061d36
Size: 136KB
Sample: 240420-cndkzadg63
MD5: 3cf76c990ec3d53dca6ddd837baea433
SHA1: 8353a89eb9076d8913c8be161244f3df8579cf6b
SHA256: bf04a197b4b9786a398841b00e9a9374a463df7fb23cf3866bfcf0e7b9061d36
SHA512: 76396c26dd2829c0802ff4ddd48786a65f051c73dd98c444ab487b2e6c2af8ffdd28b38c76cd607d326b7b38fdc7f22cb68f25c74ce3d123b0004809d32bb604
SSDEEP: 3072:6e7WpP9oVLQthbYY9oVLQthbUrt7tce7WpP9oVLQthbYY9oVLQthbUrt7tN:RqAjqAR
Static task: static1
Behavioral task: behavioral1
Sample: bf04a197b4b9786a398841b00e9a9374a463df7fb23cf3866bfcf0e7b9061d36.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: bf04a197b4b9786a398841b00e9a9374a463df7fb23cf3866bfcf0e7b9061d36.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: bf04a197b4b9786a398841b00e9a9374a463df7fb23cf3866bfcf0e7b9061d36
Score: 9/10
Renames multiple (4793) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory