General
-
Target
5e33801d14e597b0a0ed22e41f1b4f31fef038338573980dc2548bb047c0add7
-
Size
196KB
-
Sample
240610-2g47satfll
-
MD5
23749dc3613e84b90b3b89d1be887d4c
-
SHA1
85997c486f3f536f4129060832bcfcaef15a59fc
-
SHA256
5e33801d14e597b0a0ed22e41f1b4f31fef038338573980dc2548bb047c0add7
-
SHA512
ced2cf7527e44797d3dbc5a20ce1b78135e6832c907d98e8fd0fa2c3d44eff2f2d12f2bf8821c419a7b612fe02b31df9a076ea517ee2a8dce9dfb65a5790c76f
-
SSDEEP
3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEPrWpcOPxPke+e3fFpsJOfFpsJbgE5:tFPxPke+eIyFPxPke+eI5
Static task
static1
Behavioral task
behavioral1
Sample
5e33801d14e597b0a0ed22e41f1b4f31fef038338573980dc2548bb047c0add7.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
5e33801d14e597b0a0ed22e41f1b4f31fef038338573980dc2548bb047c0add7.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
5e33801d14e597b0a0ed22e41f1b4f31fef038338573980dc2548bb047c0add7
-
Score
9/10
-
Renames multiple (4054) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-