General
Target: 7326b6c776aac32a147c5272a3643e3d65ce540518f02be1534d4abe8141b69b
Size: 198KB
Sample: 240424-244jrsbc9y
MD5: b48ac056d4cbaebb5bc0fd0a12a0ce65
SHA1: 445d117265b485eb638d7e708ac74d6e1dd519e1
SHA256: 7326b6c776aac32a147c5272a3643e3d65ce540518f02be1534d4abe8141b69b
SHA512: 44e62ea6504b45fb163449885b51cc14448bd58a7839954deeb0aa38403f502f14515257a7cc6139099d0a4e7e22bcf27238e72eb75ef3aab7947d1806b071c4
SSDEEP: 6144:hfAIuZAIuDMVtM/1H0WH0UfAIuZAIuDMVtM/1H0WH0x:ZAIuZAIuOQH0WH0mAIuZAIuOQH0WH0x
Behavioral task: behavioral1
Sample: 7326b6c776aac32a147c5272a3643e3d65ce540518f02be1534d4abe8141b69b.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 7326b6c776aac32a147c5272a3643e3d65ce540518f02be1534d4abe8141b69b.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: 7326b6c776aac32a147c5272a3643e3d65ce540518f02be1534d4abe8141b69b
Score: 9/10
- Renames multiple (907) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory