General
-
Target
5fd23c0c8d52a04bb39a5a3e592266e2d1181b7eec9e3241ae953c934e1e9355
-
Size
7.3MB
-
Sample
240610-2kplhatcmh
-
MD5
93a7c970265e8192ad6fa96added6ab6
-
SHA1
29b6ef675fe2da6824874d1d9f0aa0fecf29496c
-
SHA256
5fd23c0c8d52a04bb39a5a3e592266e2d1181b7eec9e3241ae953c934e1e9355
-
SHA512
b147c4fe5c95d2e07f807a117ff69a48fb63ad09705ab44132ac8b9ed6d17f3e154675dd8bd393bc02bca3028bcbb69ae8e26e11052bfb83e4f0231dea8dbc39
-
SSDEEP
98304:dtzqBZMMEM0MUMRMxMwMkfqbjxbSzGVr4W11/KsZfGpWqOJwNZ:LqBZtlV1qKpkfqbjeGVr4wZfNnJwv
Behavioral task
behavioral1
Sample
5fd23c0c8d52a04bb39a5a3e592266e2d1181b7eec9e3241ae953c934e1e9355.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
5fd23c0c8d52a04bb39a5a3e592266e2d1181b7eec9e3241ae953c934e1e9355.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Score
9/10
-
Detects executables containing URLs to raw contents of a Github gist
-
Renames multiple (198) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
UPX dump on OEP (original entry point)
-