General
Target
dc4b96f07a15a4c4f40538855aba5254a00ae2b50e98815d30922288ae355d2b
Size
178KB
Sample
240425-eq156afb7y
MD5
68665fcf2336314f97e7750bbedf5bfb
SHA1
ad80fbbd634f878e6ee127f0437ac8ae10012eac
SHA256
dc4b96f07a15a4c4f40538855aba5254a00ae2b50e98815d30922288ae355d2b
SHA512
10c446a95ac221b96b55a693ac707e7b63e3bdc0e1f17d49cad01ad09024c93a937d6814874f275db5e82ce00d18de9fb5b92632b2ff3aefaf9068460c4e947d
SSDEEP
3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEGrWpcOPxPke+e3fFpsJOfFpsJbgEYwY:tFPxPke+eI5FPxPke+eI8
Static task
static1
Behavioral task
behavioral1
Sample
dc4b96f07a15a4c4f40538855aba5254a00ae2b50e98815d30922288ae355d2b.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
dc4b96f07a15a4c4f40538855aba5254a00ae2b50e98815d30922288ae355d2b.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Target
dc4b96f07a15a4c4f40538855aba5254a00ae2b50e98815d30922288ae355d2b
Score
9/10
Renames multiple (5608) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory