General
-
Target
ab81f1b5ca49f2a862d49a1859326554a10417a2caf6291adc64ae1116fb2d49
-
Size
175KB
-
Sample
240526-b4b7eaac7w
-
MD5
349433a2d6d3be1c41a25b99e4510855
-
SHA1
64c507f05b365a78551dd3546520548ee5b6d7df
-
SHA256
ab81f1b5ca49f2a862d49a1859326554a10417a2caf6291adc64ae1116fb2d49
-
SHA512
9ffdf0835122fc18148955707b012a6c386d30d8dc34663806a5fc2a8f04dfcf258ce5bc112c5ac9eecb0560d1dafacbc65d4dd784f8ed8ed7cfe9864e89002a
-
SSDEEP
3072:6e7WpP9oVLQthbYY9oVLQthbUv1kIe7WpP9oVLQthbYY9oVLQthbUv1k8:RqAtkrqAtk8
Static task
static1
Behavioral task
behavioral1
Sample
ab81f1b5ca49f2a862d49a1859326554a10417a2caf6291adc64ae1116fb2d49.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ab81f1b5ca49f2a862d49a1859326554a10417a2caf6291adc64ae1116fb2d49.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
ab81f1b5ca49f2a862d49a1859326554a10417a2caf6291adc64ae1116fb2d49
-
Size
175KB
-
MD5
349433a2d6d3be1c41a25b99e4510855
-
SHA1
64c507f05b365a78551dd3546520548ee5b6d7df
-
SHA256
ab81f1b5ca49f2a862d49a1859326554a10417a2caf6291adc64ae1116fb2d49
-
SHA512
9ffdf0835122fc18148955707b012a6c386d30d8dc34663806a5fc2a8f04dfcf258ce5bc112c5ac9eecb0560d1dafacbc65d4dd784f8ed8ed7cfe9864e89002a
-
SSDEEP
3072:6e7WpP9oVLQthbYY9oVLQthbUv1kIe7WpP9oVLQthbYY9oVLQthbUv1k8:RqAtkrqAtk8
Score9/10-
Renames multiple (3586) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-