General
-
Target
1aba35511510e20eeb378597e849220bb634efed9778b9660fb7fa688ae87e23
-
Size
176KB
-
Sample
240524-xxtnrsgc67
-
MD5
218a5b7be24e094c28ffc59f2d37dd5c
-
SHA1
9c4a3d409a53718c14e3674e371071496ba78fb2
-
SHA256
1aba35511510e20eeb378597e849220bb634efed9778b9660fb7fa688ae87e23
-
SHA512
f815f6416a2fbbb00eff590e158c2a467122443c0cf59474a69ee5e505583275b7f147f4ee63ff32f837d2ce7c3c2e3878202759afc853d39dd8238a70d6a114
-
SSDEEP
3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEprWpcOPxPke+e3fFpsJOfFpsJbgEI:tFPxPke+eIQFPxPke+eII
Static task
static1
Behavioral task
behavioral1
Sample
1aba35511510e20eeb378597e849220bb634efed9778b9660fb7fa688ae87e23.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
1aba35511510e20eeb378597e849220bb634efed9778b9660fb7fa688ae87e23.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
1aba35511510e20eeb378597e849220bb634efed9778b9660fb7fa688ae87e23
-
Score
9/10
-
Renames multiple (3728) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-