General
-
Target
Done.exe
-
Size
114KB
-
Sample
240524-rvzjcahe69
-
MD5
1cd00bce47b99fe9c7518551a37b4464
-
SHA1
e9a1b412d7f6e9a4b59b148547d5671f3502e290
-
SHA256
5e1980b65ffefcebab43b788e4a8661be9a1e3dbb1af1468c0fc504f4d420e8d
-
SHA512
88678264d0fb579b6e22073b703a4ec0bee61d493b4f682b3793a94ad63fa7afe56afe86be4f114b3beb88e74e574bec19fac509f8f2138e8a4d385d4998de46
-
SSDEEP
3072:wZbM1uArFpdSHP4tZr5f9MTSqqB5/Rv437PA:v86FpwHP+rcSqixRAD
Static task
static1
Behavioral task
behavioral1
Sample
Done.exe
Resource
win10v2004-20240426-de
Malware Config
Targets
-
-
Target
Done.exe
-
Size
114KB
-
MD5
1cd00bce47b99fe9c7518551a37b4464
-
SHA1
e9a1b412d7f6e9a4b59b148547d5671f3502e290
-
SHA256
5e1980b65ffefcebab43b788e4a8661be9a1e3dbb1af1468c0fc504f4d420e8d
-
SHA512
88678264d0fb579b6e22073b703a4ec0bee61d493b4f682b3793a94ad63fa7afe56afe86be4f114b3beb88e74e574bec19fac509f8f2138e8a4d385d4998de46
-
SSDEEP
3072:wZbM1uArFpdSHP4tZr5f9MTSqqB5/Rv437PA:v86FpwHP+rcSqixRAD
Score9/10-
Renames multiple (120) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops desktop.ini file(s)
-