General
-
Target
497962a225ea15915ecaf1423efc9900N.exe
-
Size
73KB
-
Sample
240813-s36haswhnl
-
MD5
497962a225ea15915ecaf1423efc9900
-
SHA1
f1b083b8bf499f090be08b7ffe1a8297ba4c26f7
-
SHA256
fa36de7adbee4531be10edf915f0678f4183667d2fbc64e7014f84263fccb504
-
SHA512
96406977ff9e21a3b814c8c22ca3552d35d60f1e2dc9010c2acdcaca8ffd987e8f573c0e6cf9e0cecd36c4211d8411b3cdc897e0d8ac598ee20d68a61e3570e7
-
SSDEEP
384:GBt7Br5xjL7lAgA71Fbhvt3O/oBt7Br5xjL7lAgA71Fbhvt3O/b:W7Blp9pARFbh4/U7Blp9pARFbh4/b
Malware Config
Targets
-
-
Target
497962a225ea15915ecaf1423efc9900N.exe
-
Size
73KB
-
MD5
497962a225ea15915ecaf1423efc9900
-
SHA1
f1b083b8bf499f090be08b7ffe1a8297ba4c26f7
-
SHA256
fa36de7adbee4531be10edf915f0678f4183667d2fbc64e7014f84263fccb504
-
SHA512
96406977ff9e21a3b814c8c22ca3552d35d60f1e2dc9010c2acdcaca8ffd987e8f573c0e6cf9e0cecd36c4211d8411b3cdc897e0d8ac598ee20d68a61e3570e7
-
SSDEEP
384:GBt7Br5xjL7lAgA71Fbhvt3O/oBt7Br5xjL7lAgA71Fbhvt3O/b:W7Blp9pARFbh4/U7Blp9pARFbh4/b
Score9/10-
Renames multiple (3257) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-