General
-
Target
b157f0f826cdb9dcf64ee49f3032840cee7dca3606dfd0f5b21096307f1d7a04
-
Size
164KB
-
Sample
240425-ch1tbadd25
-
MD5
cec4f48eaeb7dfc1debbaf857a7ab207
-
SHA1
0af71c8014f2281d3812abf8127f1b7fad299839
-
SHA256
b157f0f826cdb9dcf64ee49f3032840cee7dca3606dfd0f5b21096307f1d7a04
-
SHA512
2ef2ae715e9f5f39022101769d521271d3a48fb1355c9a96ced4c4f369a2ee967bfafc6c6ea43ae0a959424b561b3a57becc22233eb7d4617b430f3f3b687124
-
SSDEEP
1536:CTWn1++PJHJXA/OsIZfzc3/Q1pkMJ+ZGtK1+ZGtKQNMdTajOtGtU1wAIuZAIuJB7:KQSo1EZGtKgZGtK/PgtU1wAIuZAIuL
Behavioral task
behavioral1
Sample
b157f0f826cdb9dcf64ee49f3032840cee7dca3606dfd0f5b21096307f1d7a04.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
b157f0f826cdb9dcf64ee49f3032840cee7dca3606dfd0f5b21096307f1d7a04.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Target
b157f0f826cdb9dcf64ee49f3032840cee7dca3606dfd0f5b21096307f1d7a04
-
Score
9/10
-
Renames multiple (3253) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
UPX dump on OEP (original entry point)
-