General
-
Target
dec7f506c66beeb16db8cfa5a0baf3c0N.exe
-
Size
84KB
-
Sample
240725-s83zcsyckr
-
MD5
dec7f506c66beeb16db8cfa5a0baf3c0
-
SHA1
09ca7b8d09071eaf2a7a72aea31152437bea5950
-
SHA256
04b53978ebf7c38df301ec8068d29f1e154fe79f4c8f91dc3e0afb507e593aba
-
SHA512
b01e1ae82c28cb031b17f60419d732c15bf65440f0c79cbfffe13fcc35ef017f8e90db7cb379a2acc2cac288974d12aee7c74afd7de2d8d82d1f0917d26ca7e3
-
SSDEEP
768:W7BlpppARFbhwEnAAJ+AAJbjyju27BlpppARFbhwEnAAJ+AAJbjyjuv:W7ZppApwEgyB7ZppApwEgyW
Malware Config
Targets
-
-
Target
dec7f506c66beeb16db8cfa5a0baf3c0N.exe
-
Size
84KB
-
MD5
dec7f506c66beeb16db8cfa5a0baf3c0
-
SHA1
09ca7b8d09071eaf2a7a72aea31152437bea5950
-
SHA256
04b53978ebf7c38df301ec8068d29f1e154fe79f4c8f91dc3e0afb507e593aba
-
SHA512
b01e1ae82c28cb031b17f60419d732c15bf65440f0c79cbfffe13fcc35ef017f8e90db7cb379a2acc2cac288974d12aee7c74afd7de2d8d82d1f0917d26ca7e3
-
SSDEEP
768:W7BlpppARFbhwEnAAJ+AAJbjyju27BlpppARFbhwEnAAJ+AAJbjyjuv:W7ZppApwEgyB7ZppApwEgyW
Score9/10-
Renames multiple (4711) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-