General
-
Target
41b9006ca61420b2c152a95d50a2cdf768fccf82f8d46f2ec24fe175fc8746d1
-
Size
174KB
-
Sample
240525-zq94aaaf36
-
MD5
086e85ec802bbec0b84c30a6e9d8a806
-
SHA1
506ae3be4b6d7ce0bd9c8fb0a62a70254b2ebe10
-
SHA256
41b9006ca61420b2c152a95d50a2cdf768fccf82f8d46f2ec24fe175fc8746d1
-
SHA512
b5ae95a30d71e70e0733e550b754e15a6bb42db03961c29a1554b2afe6554b26c3b350f4f7b8874ab147acf3f1ca38a5a6ccfb48c61bb053677cedf14f30c939
-
SSDEEP
3072:6e7WpP9oVLQthbYY9oVLQthbUv1kUe7WpP9oVLQthbYY9oVLQthbUv1kO:RqAtkfqAtkO
Static task
static1
Behavioral task
behavioral1
Sample
41b9006ca61420b2c152a95d50a2cdf768fccf82f8d46f2ec24fe175fc8746d1.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
41b9006ca61420b2c152a95d50a2cdf768fccf82f8d46f2ec24fe175fc8746d1.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
41b9006ca61420b2c152a95d50a2cdf768fccf82f8d46f2ec24fe175fc8746d1
-
Size
174KB
-
MD5
086e85ec802bbec0b84c30a6e9d8a806
-
SHA1
506ae3be4b6d7ce0bd9c8fb0a62a70254b2ebe10
-
SHA256
41b9006ca61420b2c152a95d50a2cdf768fccf82f8d46f2ec24fe175fc8746d1
-
SHA512
b5ae95a30d71e70e0733e550b754e15a6bb42db03961c29a1554b2afe6554b26c3b350f4f7b8874ab147acf3f1ca38a5a6ccfb48c61bb053677cedf14f30c939
-
SSDEEP
3072:6e7WpP9oVLQthbYY9oVLQthbUv1kUe7WpP9oVLQthbYY9oVLQthbUv1kO:RqAtkfqAtkO
Score9/10-
Renames multiple (3542) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-