General
-
Target
af29811fe3b148061367c319991c96a4fb7ac0032f1e4688391fddc89b396ae7
-
Size
81KB
-
Sample
240810-br98nsyhnk
-
MD5
c8f79479a5c570809602ed64929b27d7
-
SHA1
bda3351cced6fd9086c2f53e36efc54d564a9a0d
-
SHA256
af29811fe3b148061367c319991c96a4fb7ac0032f1e4688391fddc89b396ae7
-
SHA512
8ffb70a69b5736e06778f30a97310c109f01a837041f43fcfa6d85e2e42a433514844a3cfc8aff65ad968dce8bab148d050225c7ec4e357c7b1fafd92bc798eb
-
SSDEEP
1536:W7ZppApBULcfpHLcfpyDE7ZppApBULcfpHLcfpyDJ:6pWpBwchcwDEpWpBwchcwDJ
Malware Config
Targets
-
-
Target
af29811fe3b148061367c319991c96a4fb7ac0032f1e4688391fddc89b396ae7
-
Size
81KB
-
MD5
c8f79479a5c570809602ed64929b27d7
-
SHA1
bda3351cced6fd9086c2f53e36efc54d564a9a0d
-
SHA256
af29811fe3b148061367c319991c96a4fb7ac0032f1e4688391fddc89b396ae7
-
SHA512
8ffb70a69b5736e06778f30a97310c109f01a837041f43fcfa6d85e2e42a433514844a3cfc8aff65ad968dce8bab148d050225c7ec4e357c7b1fafd92bc798eb
-
SSDEEP
1536:W7ZppApBULcfpHLcfpyDE7ZppApBULcfpHLcfpyDJ:6pWpBwchcwDEpWpBwchcwDJ
Score9/10-
Renames multiple (1046) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-