General
-
Target
11a45f549bfaa6c044c23803dc118b70N.exe
-
Size
85KB
-
Sample
240727-2wzkvaweme
-
MD5
11a45f549bfaa6c044c23803dc118b70
-
SHA1
3a93a5c993e14aed1c9824b8a69563c8eff749b1
-
SHA256
025b3b15303471502128be11ef6d32b127a9fff2bb036478b5669360d24c9992
-
SHA512
ae5c36b020f4b521cfb1eb6c65f97481438c58bfb2aeab71abbfa6b385004bf5d15c63cd727eaaa7461b5787c5f32b48540c60548397b1eb31e1348932259c0d
-
SSDEEP
1536:W7ZppApBULcfpHLcfp/ZeLPy7ZppApBULcfpHLcfp/ZeLP1:6pWpBwchc5ZeSpWpBwchc5Ze5
Malware Config
Targets
-
-
Target
11a45f549bfaa6c044c23803dc118b70N.exe
-
Size
85KB
-
MD5
11a45f549bfaa6c044c23803dc118b70
-
SHA1
3a93a5c993e14aed1c9824b8a69563c8eff749b1
-
SHA256
025b3b15303471502128be11ef6d32b127a9fff2bb036478b5669360d24c9992
-
SHA512
ae5c36b020f4b521cfb1eb6c65f97481438c58bfb2aeab71abbfa6b385004bf5d15c63cd727eaaa7461b5787c5f32b48540c60548397b1eb31e1348932259c0d
-
SSDEEP
1536:W7ZppApBULcfpHLcfp/ZeLPy7ZppApBULcfpHLcfp/ZeLP1:6pWpBwchc5ZeSpWpBwchc5Ze5
Score9/10-
Renames multiple (2880) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-