General
-
Target
c503a56e50273aca920fac704181fd86dbb618b0673bb88f43d705b28e4ad90a
-
Size
196KB
-
Sample
240424-zgjjzahc3s
-
MD5
350cec1ae844e843d7e964c3637f1809
-
SHA1
635c95f0986b4f17927e46af9a49d67238a5fc26
-
SHA256
c503a56e50273aca920fac704181fd86dbb618b0673bb88f43d705b28e4ad90a
-
SHA512
94fe38b1e8825978d34d5a421f2fc04fd654dcb3dcfa9097151ea81394dca32d84a75292e819a04334cb73a92e51793c2e6c332c5dae0e702b8b93455758d483
-
SSDEEP
1536:W7ZQpApjIKTie+eqpSpC7ZQpApjIKTie+eqpSp0:6QWpqe+e4QWpqe+eG
Static task
static1
Behavioral task
behavioral1
Sample
c503a56e50273aca920fac704181fd86dbb618b0673bb88f43d705b28e4ad90a.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
c503a56e50273aca920fac704181fd86dbb618b0673bb88f43d705b28e4ad90a.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Target
c503a56e50273aca920fac704181fd86dbb618b0673bb88f43d705b28e4ad90a
-
Score
9/10
-
Renames multiple (4021) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-