General
-
Target
50a879053b11d436af23e4f38b9dacf2a610132c4ef88eff72f961e0650b9b1f
-
Size
5.7MB
-
Sample
240710-g1tj6stbre
-
MD5
4661ad2e73e4ca7ffef5931c6c97df6f
-
SHA1
1e0e0d1e1f518774e90c1224ee0faf901c5e8db0
-
SHA256
50a879053b11d436af23e4f38b9dacf2a610132c4ef88eff72f961e0650b9b1f
-
SHA512
fcecf3a9794b63e096a8a3bbc5715e0b2649224109d8b0fb986d50ae96839021bd718265fe82e028fc16872fd649d953d65a24726ff7f5761db40948664ce54a
-
SSDEEP
98304:nNWZ9fHqaRv+XIjY6Suu1pHyf7n3gMxJAChtDy7n1UNEkborMO78PmxXU/yCMs8c:nNTcoI7StpHyzQMvAChtDyb1UNEkqxtg
Behavioral task
behavioral1
Sample
df9498892ae72f611128c9a8bc57b93964f34cc235f5aaf57fe10fb2b3c69aa3.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
df9498892ae72f611128c9a8bc57b93964f34cc235f5aaf57fe10fb2b3c69aa3.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
df9498892ae72f611128c9a8bc57b93964f34cc235f5aaf57fe10fb2b3c69aa3
-
Size
13.4MB
-
MD5
1ce3b67e179c8420bd5b31e75b4427ca
-
SHA1
4090622f0eadc1b420aa5d55e31ca5cd45e05f12
-
SHA256
df9498892ae72f611128c9a8bc57b93964f34cc235f5aaf57fe10fb2b3c69aa3
-
SHA512
c708cc271fad1ecd29fccb010a34f54ba7b885d8827351a5d8be49f4781185248e789c3e35fa1c7862fdc0bf303e1d97f2585023e0b9fd14db3181f55d276f5f
-
SSDEEP
98304:aRqeZPPm0Rgmt7M17Lu1zdfj7zyg5oo5AZx8U8qPoBhLTlL4DQWVYHL9fu4h84MR:aMygJ9edfbhSo5Kp8qPKlL8QgYVhqn
Score10/10-
Renames multiple (177) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-