General
-
Target
bd163b4fdc3ca295dc77d3c6eb5524d0N.exe
-
Size
83KB
-
Sample
240814-egfg4a1dlk
-
MD5
bd163b4fdc3ca295dc77d3c6eb5524d0
-
SHA1
1a207249d9213eba12931af9659c8bc2f25ddd6a
-
SHA256
2b1656251457aa238da1dbd7c020c14391d58d39c3a939c4e5ee3f1136059d81
-
SHA512
7a067efd3a3c7a77f48d67b6d10c4d879441ea7e2d110229c49bd6481d1c068b5495fd55256b69b65ec19907ce26ee63825a1e1c5d79e2dd2f891ee00ce23b72
-
SSDEEP
1536:W7ZppApBULcfpHLcfpXfxRfxy7ZppApBULcfpHLcfpXfxRfxa:6pWpBwchclf7fcpWpBwchclf7fE
Malware Config
Targets
-
-
Target
bd163b4fdc3ca295dc77d3c6eb5524d0N.exe
-
Size
83KB
-
MD5
bd163b4fdc3ca295dc77d3c6eb5524d0
-
SHA1
1a207249d9213eba12931af9659c8bc2f25ddd6a
-
SHA256
2b1656251457aa238da1dbd7c020c14391d58d39c3a939c4e5ee3f1136059d81
-
SHA512
7a067efd3a3c7a77f48d67b6d10c4d879441ea7e2d110229c49bd6481d1c068b5495fd55256b69b65ec19907ce26ee63825a1e1c5d79e2dd2f891ee00ce23b72
-
SSDEEP
1536:W7ZppApBULcfpHLcfpXfxRfxy7ZppApBULcfpHLcfpXfxRfxa:6pWpBwchclf7fcpWpBwchclf7fE
Score9/10-
Renames multiple (4421) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-