General
-
Target
c4249ef467d19089265ca53be663548341f1005fa75573c0031e2b3e3f48ca10
-
Size
168KB
-
Sample
240727-dzn2hsvalm
-
MD5
72609245f41add0f641d352109e6b9be
-
SHA1
3c27b77308fcedbff5150602ce2ba0d1b24e2e40
-
SHA256
c4249ef467d19089265ca53be663548341f1005fa75573c0031e2b3e3f48ca10
-
SHA512
6b595276956de5ba9711c1ab3cb1c841f24781f5e66e53aed6980897b62081c24fa5708a8ff1b122707fdb2c72e396ba498f851d051989c5d45361053880bea3
-
SSDEEP
1536:W7ZDpApYbWjIoPyPoLzV7c6ShWfxRfxSUk7ZDpApYbWjIoPyPoLzV7c6ShWfxRfM:6DWpLf7fqDWpLf7fMn
Static task
static1
Behavioral task
behavioral1
Sample
c4249ef467d19089265ca53be663548341f1005fa75573c0031e2b3e3f48ca10.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
c4249ef467d19089265ca53be663548341f1005fa75573c0031e2b3e3f48ca10.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
Target
c4249ef467d19089265ca53be663548341f1005fa75573c0031e2b3e3f48ca10
Score
9/10
-
Renames multiple (423) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-