General
Target: d935d02d4b7b8bb7afafad8b77e6c92f496149e7a5dfa080564dd9aa88003208
Size: 82KB
Sample: 240523-d9tdzsch38
MD5: 1186e28fd55429173d89efadced0cba8
SHA1: c901accf761e54bd6230b62ae4c368c80e258cf7
SHA256: d935d02d4b7b8bb7afafad8b77e6c92f496149e7a5dfa080564dd9aa88003208
SHA512: 8f9153f85c5767ab519f458b934e1125ad9a9ecde730fb8afe5c7c2eb948a1493d5bd214d05e9fc31079426f95a68670fc4c59710b7e8deca43fc22752d9b64d
SSDEEP: 768:W7BlpNLpARFbhblkYlkuvIYFC7BlpNLpARFbhblkYlkuvIYFT/K:W7ZNLpApCZuvIYI7ZNLpApCZuvIY9/K
Static task: static1
Behavioral task: behavioral1
Sample: d935d02d4b7b8bb7afafad8b77e6c92f496149e7a5dfa080564dd9aa88003208.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: d935d02d4b7b8bb7afafad8b77e6c92f496149e7a5dfa080564dd9aa88003208.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: d935d02d4b7b8bb7afafad8b77e6c92f496149e7a5dfa080564dd9aa88003208
Score: 9/10
Renames multiple (4852) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory