General
Target
BeastRansom.zip
Size
199KB
Sample
240425-t5s6escf8x
MD5
821c908c560625e2701bce316eed8e8d
SHA1
09262682a169bc0dc6f4ac4f3de770ef06438618
SHA256
fb6d089336b77fe2fde65ad4070ec00f9e9fde4f1c757950a58cf5a77739db41
SHA512
24cf2f6d9b9bf48fbdf978c3c075f16d595ac17f61a6fbeef7d84fc5ad92456764b1d95a6dafff125b47ab95819b36be1e96e138ff55cbf4fb591e4c6b205465
SSDEEP
6144:O+Gh5SYG+qwPtwNLzzcCFCqj3+tSycMvw:O+QkYvqKeHJUbSycv
Static task
static1
Behavioral task
behavioral1
Sample
____ __ __ _____240423 _ _____ ________.exe
Resource
win11-20240412-en
Malware Config
Extracted
C:\Users\Admin\README.TXT
http://utox.org
Targets
Target
____ __ __ _____240423 _ _____ ________.bin
Size
318KB
MD5
bbda482f1ecce55c24e1a444c03da58e
SHA1
57f3b40785acb35fd76a56334084a32ab3a41bca
SHA256
7e2de46d2c37fb24bee5223bd3f26bd6f49b54688a528a851898b0459adec3cd
SHA512
d6e21971ac6226692afcfbbd57cc8fdb178b98cd96f8a6a8a9fb6ce1d66f59323e171493a581f60c37817333db824333a83482aacac3634af4d769b352902adb
SSDEEP
3072:dT0VHJezp57AexD5EbZ+AQAZXczGSkr4baGtnzL35AhCgr6e+49AkIKCnXrLcXgc:qczLhMH1Uygc6749RIJXrLcXx5KqbI
Score
10/10
Renames multiple (140) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.