General
-
Target
1e7dd0f5a35b5baa3584982b79d70c5b506f0fff543a6f112becc00fb4798e90
-
Size
85KB
-
Sample
240810-x7eycsycqd
-
MD5
1b483ea812fae7c1086e4b1728894aec
-
SHA1
01ab846687756f0b9b4b4ae0b5605a62ce621299
-
SHA256
1e7dd0f5a35b5baa3584982b79d70c5b506f0fff543a6f112becc00fb4798e90
-
SHA512
7e1ab7351e7adc01250404416b3e6c96f2e71dc44ecc4d236fdf2bedc7beb903ef9f639d080af2448c4711be888aa8adb67a5d1142a8759d9c0a4fab81e57d28
-
SSDEEP
768:W7BlpppARFbhHFoqAJwBqAJw1VyjVyXx7BlpppARFbhHFoqAJwBqAJw1VyjVyXzD:W7ZppApyVyjVyXx7ZppApyVyjVyX3
Malware Config
Targets
-
-
Target
1e7dd0f5a35b5baa3584982b79d70c5b506f0fff543a6f112becc00fb4798e90
-
Size
85KB
-
MD5
1b483ea812fae7c1086e4b1728894aec
-
SHA1
01ab846687756f0b9b4b4ae0b5605a62ce621299
-
SHA256
1e7dd0f5a35b5baa3584982b79d70c5b506f0fff543a6f112becc00fb4798e90
-
SHA512
7e1ab7351e7adc01250404416b3e6c96f2e71dc44ecc4d236fdf2bedc7beb903ef9f639d080af2448c4711be888aa8adb67a5d1142a8759d9c0a4fab81e57d28
-
SSDEEP
768:W7BlpppARFbhHFoqAJwBqAJw1VyjVyXx7BlpppARFbhHFoqAJwBqAJw1VyjVyXzD:W7ZppApyVyjVyXx7ZppApyVyjVyX3
Score9/10-
Renames multiple (4797) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-