General
Target: d32d29e70c5142a872aa506487bed7327af57c901942000b2f309f5e83a3202d
Size: 134KB
Sample: 240425-eajk6sef62
MD5: 2bda753a811ed70300cedc2a79a1ced9
SHA1: bf5d0b6b77c450033663ba45cd87cce665587de4
SHA256: d32d29e70c5142a872aa506487bed7327af57c901942000b2f309f5e83a3202d
SHA512: 0fea1715b55124d230eb48f08b72fb969cddd447e379ba472b4dc1094fc22ed79422ea4a79a9fe173884bea5d7e08b4bd81f9c47b6c65a62bc8b805d572f5032
SSDEEP: 1536:W7ZDpApYbWjIlE77uy6BhX7ZDpApYbWjIlE77uy6Bh5:6DWpwE7mDWpwE7O
Static task: static1
Behavioral task: behavioral1
Sample: d32d29e70c5142a872aa506487bed7327af57c901942000b2f309f5e83a3202d.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: d32d29e70c5142a872aa506487bed7327af57c901942000b2f309f5e83a3202d.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Score: 9/10
Renames multiple (1034) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory