General
-
Target
385988b2bea0cb6064970d35b4eb4390N.exe
-
Size
85KB
-
Sample
240803-cyjjzazfqn
-
MD5
385988b2bea0cb6064970d35b4eb4390
-
SHA1
d8bb37f9fac32165bcfd176f0cefdd35ab573539
-
SHA256
48c4b320ae02a0f410c904114f390c26b6010be35e5f6a025de607cdd01c4274
-
SHA512
106817db122ca291c80576c1f33fd2b9c241dc6ea09fa695b662ace68ffda4e660437d0d706a7478f90c81efed9956e6e3c344bad9c64614e4a1c8f22c29b222
-
SSDEEP
768:W7BlpppARFbhbt7Y7wTCIofQOiJfofQOiJw7BlpppARFbhbt7Y7wTCIofQOiJfoP:W7ZppApqH/7ZppApqHH
Malware Config
Targets
-
-
Target
385988b2bea0cb6064970d35b4eb4390N.exe
-
Size
85KB
-
MD5
385988b2bea0cb6064970d35b4eb4390
-
SHA1
d8bb37f9fac32165bcfd176f0cefdd35ab573539
-
SHA256
48c4b320ae02a0f410c904114f390c26b6010be35e5f6a025de607cdd01c4274
-
SHA512
106817db122ca291c80576c1f33fd2b9c241dc6ea09fa695b662ace68ffda4e660437d0d706a7478f90c81efed9956e6e3c344bad9c64614e4a1c8f22c29b222
-
SSDEEP
768:W7BlpppARFbhbt7Y7wTCIofQOiJfofQOiJw7BlpppARFbhbt7Y7wTCIofQOiJfoP:W7ZppApqH/7ZppApqHH
Score9/10-
Renames multiple (4424) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-