General
-
Target
8fe8de948caf99d15eca1f8b8dd9f850N.exe
-
Size
83KB
-
Sample
240814-frwshasanp
-
MD5
8fe8de948caf99d15eca1f8b8dd9f850
-
SHA1
bf67f4c5570c1e173c03572c087b671088dfa82f
-
SHA256
462e5d86f0191616e930a8cc907c86f81aa4aaa3b1999aa43d02a160bbde8dd2
-
SHA512
2b4dc84dba90344bc0526d3cec5e0e888370fdfffc00efef3a11aec811233cbd8b2efe1b5a407f46b7647a00255048ff60ca2f6caff44d01b9b3d6a3f60bfbc6
-
SSDEEP
1536:W7ZhA7pApw03vR03v67ZhA7pApw03vR03vNfmK/fmK0:6e7WpwYRY+e7WpwYRYu
Malware Config
Targets
-
-
Target
8fe8de948caf99d15eca1f8b8dd9f850N.exe
-
Size
83KB
-
MD5
8fe8de948caf99d15eca1f8b8dd9f850
-
SHA1
bf67f4c5570c1e173c03572c087b671088dfa82f
-
SHA256
462e5d86f0191616e930a8cc907c86f81aa4aaa3b1999aa43d02a160bbde8dd2
-
SHA512
2b4dc84dba90344bc0526d3cec5e0e888370fdfffc00efef3a11aec811233cbd8b2efe1b5a407f46b7647a00255048ff60ca2f6caff44d01b9b3d6a3f60bfbc6
-
SSDEEP
1536:W7ZhA7pApw03vR03v67ZhA7pApw03vR03vNfmK/fmK0:6e7WpwYRY+e7WpwYRYu
Score9/10-
Renames multiple (4729) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-