General
Target: 589ec87993192bce6188b8ee59623b7ad6b6d784b7eecf1289442e8f5dff74c8
Size: 182KB
Sample: 240610-19v9xasgqb
MD5: a4782b325a98c48d37499b2f27333aeb
SHA1: 6b7eee92bcd8319a0dfaee6a96e8bab1a1816330
SHA256: 589ec87993192bce6188b8ee59623b7ad6b6d784b7eecf1289442e8f5dff74c8
SHA512: 25acd55dcf123b2150ce8fabc868253afae6abe398869c45d4d310de6b92706729f386c6826b882b590d43ee10c048b067dae8c2f599b3488c26ec73d780207b
SSDEEP: 3072:6e7WpP9oVLQthbYY9oVLQthbUvIe7WpP9oVLQthbYY9oVLQthbUv3:RqADqAv
Static task: static1
Behavioral task: behavioral1
Sample: 589ec87993192bce6188b8ee59623b7ad6b6d784b7eecf1289442e8f5dff74c8.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 589ec87993192bce6188b8ee59623b7ad6b6d784b7eecf1289442e8f5dff74c8.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 589ec87993192bce6188b8ee59623b7ad6b6d784b7eecf1289442e8f5dff74c8
Score: 9/10
Renames multiple (4532) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory