General
-
Target
4779e6ebc64484bd3b39356b7ef8f825a417129107822eed5049cb2848ba7e96
-
Size
220KB
-
Sample
240727-1ncknszgpn
-
MD5
c081629b0b8f89a3af3f84c9fe1d9de8
-
SHA1
bdb1701ac91ca314c70805d5714b7edc24d226d7
-
SHA256
4779e6ebc64484bd3b39356b7ef8f825a417129107822eed5049cb2848ba7e96
-
SHA512
9d38e82b7d1c9f282451b45eeb7f629067a4954684434d1b53466854b1a78c3e747fc0c7c69c578adf64543e5ca31c39e295a3817493b6cd13c2d09e6dd0688b
-
SSDEEP
3072:6+WpDfmRfmhz7RjnI52UhCMD98HpKI6GCLOwstyhZFChcssc56FUrgxvbSD4UQr0:wl7+EUhCw9GpKbShcHUak
Static task
static1
Behavioral task
behavioral1
Sample
4779e6ebc64484bd3b39356b7ef8f825a417129107822eed5049cb2848ba7e96.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
4779e6ebc64484bd3b39356b7ef8f825a417129107822eed5049cb2848ba7e96.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
Target
4779e6ebc64484bd3b39356b7ef8f825a417129107822eed5049cb2848ba7e96
Score
9/10
-
Renames multiple (374) files with added filename extension
This suggests ransomware activity, namely encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-