General
-
Target
65eb33224efc3aa772d88aac1f74c650N.exe
-
Size
511KB
-
Sample
240716-epd91atgrn
-
MD5
65eb33224efc3aa772d88aac1f74c650
-
SHA1
735d5689ec025a7aaf9f6c4eaeaeefebf6c6176c
-
SHA256
8cd13793b98af1c2bb122a8df3076ce2c920479bf60df6092ef9d2ab4743c121
-
SHA512
24de94c538b581851ccee44bf2e97a2c514eb956b8b718dc06aed53fc2a1472260cec056a2ead499c26348c45510c1f28285f4e592529c30b1d227ac2e74246a
-
SSDEEP
12288:K6Q0md3/94A2p8GnqZycIr+VtKzv46OgRhKB0OrJi:K6Qx/WnSyhbzvZOqU1Q
Static task
static1
Behavioral task
behavioral1
Sample
65eb33224efc3aa772d88aac1f74c650N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
65eb33224efc3aa772d88aac1f74c650N.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
65eb33224efc3aa772d88aac1f74c650N.exe
-
Score
9/10
-
Renames multiple (3237) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-