General
-
Target
ef2858d6a128199182273705e5185fb47fb989df623a0823cf8de1b07eeb2a5b
-
Size
64KB
-
Sample
240620-fvg4hsvfjm
-
MD5
3d1d516c0066fd76cf55efb2ae748374
-
SHA1
5803a2949a864cb2df2ac84a95b779d17e3ab5bd
-
SHA256
ef2858d6a128199182273705e5185fb47fb989df623a0823cf8de1b07eeb2a5b
-
SHA512
dad6bf96109f21c516868cca931ce3761920c96023f457542ada2779db7d2be970c03436074a95e90721e99592c7e46ff1cd31de7474c6b22b1a28592d626e2c
-
SSDEEP
1536:CTWn1++PJHJXA/OsIZfzc3/Q8asUsxe+eX7n97ns1o8k1o80:KQSohsUsxe+erZs1o8k1o80
Behavioral task
behavioral1
Sample
ef2858d6a128199182273705e5185fb47fb989df623a0823cf8de1b07eeb2a5b.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ef2858d6a128199182273705e5185fb47fb989df623a0823cf8de1b07eeb2a5b.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
ef2858d6a128199182273705e5185fb47fb989df623a0823cf8de1b07eeb2a5b
-
Score
9/10
-
Renames multiple (3746) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
UPX dump on OEP (original entry point)
-