General
-
Target
ad4fd4425147bcb26dcf6391cc649d1268f1e5bf6e8ae7920ede9b9cbef0ab65
-
Size
414KB
-
Sample
240614-c3bd6awcnm
-
MD5
fa46279f8d864951d5f534ad531a5602
-
SHA1
0e703bd76d4a4f78c24e9a279f2aff033de3f00a
-
SHA256
ad4fd4425147bcb26dcf6391cc649d1268f1e5bf6e8ae7920ede9b9cbef0ab65
-
SHA512
03fa301cbad157782aec4de8243ed1cc55f497b9fa1d5aaa2457a265d0e9559bdc1fee5dbd380650cc54747c36e74e51c713d27bf762f08347693590836ba9a4
-
SSDEEP
1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8yiXyf7Zf/FAxTWY1++PJHJXA/OsIZfzd:fnyiQSoIydnyiQSoIylh6hU
Behavioral task
behavioral1
Sample
ad4fd4425147bcb26dcf6391cc649d1268f1e5bf6e8ae7920ede9b9cbef0ab65.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ad4fd4425147bcb26dcf6391cc649d1268f1e5bf6e8ae7920ede9b9cbef0ab65.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
ad4fd4425147bcb26dcf6391cc649d1268f1e5bf6e8ae7920ede9b9cbef0ab65
-
Size
414KB
-
MD5
fa46279f8d864951d5f534ad531a5602
-
SHA1
0e703bd76d4a4f78c24e9a279f2aff033de3f00a
-
SHA256
ad4fd4425147bcb26dcf6391cc649d1268f1e5bf6e8ae7920ede9b9cbef0ab65
-
SHA512
03fa301cbad157782aec4de8243ed1cc55f497b9fa1d5aaa2457a265d0e9559bdc1fee5dbd380650cc54747c36e74e51c713d27bf762f08347693590836ba9a4
-
SSDEEP
1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8yiXyf7Zf/FAxTWY1++PJHJXA/OsIZfzd:fnyiQSoIydnyiQSoIylh6hU
Score9/10-
Renames multiple (4355) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
UPX dump on OEP (original entry point)
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-