General
-
Target
48a7a922e2963c6866b91fb2a57a9c0143254ccd97f6ec0faa389549a9341255
-
Size
191KB
-
Sample
240614-zx39bazcqp
-
MD5
9a5c18c0d090493761a45a85319b1620
-
SHA1
cce37e2c8064edac59207bc9460259a183da23e3
-
SHA256
48a7a922e2963c6866b91fb2a57a9c0143254ccd97f6ec0faa389549a9341255
-
SHA512
7ce9cbceac3c954839108b534081c1042a6ce565c95592c141b5e99b26cdb36603cf017a23e4205fb3907410f003419866b8b17243e7faa83a4cc64b45cf77ca
-
SSDEEP
3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEve+eqrWpcOPxPke+e3fFpsJOfFpsJbgEve+h:tFPxPke+eIve+edFPxPke+eIve+es
Static task
static1
Behavioral task
behavioral1
Sample
48a7a922e2963c6866b91fb2a57a9c0143254ccd97f6ec0faa389549a9341255.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
48a7a922e2963c6866b91fb2a57a9c0143254ccd97f6ec0faa389549a9341255.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
48a7a922e2963c6866b91fb2a57a9c0143254ccd97f6ec0faa389549a9341255
-
Size
191KB
-
MD5
9a5c18c0d090493761a45a85319b1620
-
SHA1
cce37e2c8064edac59207bc9460259a183da23e3
-
SHA256
48a7a922e2963c6866b91fb2a57a9c0143254ccd97f6ec0faa389549a9341255
-
SHA512
7ce9cbceac3c954839108b534081c1042a6ce565c95592c141b5e99b26cdb36603cf017a23e4205fb3907410f003419866b8b17243e7faa83a4cc64b45cf77ca
-
SSDEEP
3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEve+eqrWpcOPxPke+e3fFpsJOfFpsJbgEve+h:tFPxPke+eIve+edFPxPke+eIve+es
Score9/10-
Renames multiple (3957) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-