General
-
Target
7482ef1acb27564cbd55a257ba8058074eaa1559c3c708d32ef303f6a477b282
-
Size
122KB
-
Sample
240522-257ykscf42
-
MD5
6c4205f82be1c7fdef73485523b85cba
-
SHA1
e63b335dce9f56fccae4a061a1637b94d78889ef
-
SHA256
7482ef1acb27564cbd55a257ba8058074eaa1559c3c708d32ef303f6a477b282
-
SHA512
7a5e71f2bed094efe3c07ea5d812e5cabc29b853b8ee0282add6d58440f03d3fb36d272f70385b3929191d495db52c9e2319c94922bbae2ad11e0b59c926a0a2
-
SSDEEP
1536:67Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q1pkdv5+I8K/XCKCGSqzVp:+nyiQSo1Iv5+ufC58/
Behavioral task
behavioral1
Sample
7482ef1acb27564cbd55a257ba8058074eaa1559c3c708d32ef303f6a477b282.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
7482ef1acb27564cbd55a257ba8058074eaa1559c3c708d32ef303f6a477b282.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
7482ef1acb27564cbd55a257ba8058074eaa1559c3c708d32ef303f6a477b282
-
Size
122KB
-
MD5
6c4205f82be1c7fdef73485523b85cba
-
SHA1
e63b335dce9f56fccae4a061a1637b94d78889ef
-
SHA256
7482ef1acb27564cbd55a257ba8058074eaa1559c3c708d32ef303f6a477b282
-
SHA512
7a5e71f2bed094efe3c07ea5d812e5cabc29b853b8ee0282add6d58440f03d3fb36d272f70385b3929191d495db52c9e2319c94922bbae2ad11e0b59c926a0a2
-
SSDEEP
1536:67Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q1pkdv5+I8K/XCKCGSqzVp:+nyiQSo1Iv5+ufC58/
Score9/10-
Renames multiple (3749) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
UPX dump on OEP (original entry point)
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-