General
-
Target
8eef7905a9e3e3b054487a45c2342160N.exe
-
Size
85KB
-
Sample
240806-lrd6cawcnp
-
MD5
8eef7905a9e3e3b054487a45c2342160
-
SHA1
03ba10490635a0fbfe8666bc115786f9566390c4
-
SHA256
278500f70c67d6968afa0a4dfa971e3833dbf8222c8e17a30eae0c03fd485999
-
SHA512
f4947072e53b91bd897caf0b125bc0a9119b60dcdb754be80c5aeaf4bc321270e44f88c7fbf8beee9631ccd7ddd8cbc598db294d87abfd102d7565b6a591267d
-
SSDEEP
768:/7BlpQpARFbhNIiJwsJwwnZx7BlpQpARFbhNIiJwsJwwnZj:/7ZQpAplJwsJwwn/7ZQpAplJwsJwwnF
Malware Config
Targets
-
-
Target
8eef7905a9e3e3b054487a45c2342160N.exe
-
Size
85KB
-
MD5
8eef7905a9e3e3b054487a45c2342160
-
SHA1
03ba10490635a0fbfe8666bc115786f9566390c4
-
SHA256
278500f70c67d6968afa0a4dfa971e3833dbf8222c8e17a30eae0c03fd485999
-
SHA512
f4947072e53b91bd897caf0b125bc0a9119b60dcdb754be80c5aeaf4bc321270e44f88c7fbf8beee9631ccd7ddd8cbc598db294d87abfd102d7565b6a591267d
-
SSDEEP
768:/7BlpQpARFbhNIiJwsJwwnZx7BlpQpARFbhNIiJwsJwwnZj:/7ZQpAplJwsJwwn/7ZQpAplJwsJwwnF
Score9/10-
Renames multiple (4175) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-