General
Target: fd328395fb8766fbb93823bae07806e0N.exe
Size: 46KB
Sample: 240817-whn93a1gkm
MD5: fd328395fb8766fbb93823bae07806e0
SHA1: 90a0b89157b5d54e190730fc93ca219666e1c319
SHA256: de4642071c04373ecc65184b5f095bc228f9c749b4bf0ce6a1d4f53248256cbf
SHA512: b87267ab1fc5e7eb56556f55f3c238451bf2b738f5ed43b896223ac1a0d8382f60ece99b37488f503f78d31eac38185bb8225124fca52590a6cf6c39b32edd9a
SSDEEP: 768:kBT37CPKKdJJ1EXBwzEXBwdcMcI9TBT37CPKKdJJ1EXBwzEXBwdcMcI9vlv:CTW7JJ7TrTW7JJ7TL
Behavioral task: behavioral1
Sample: fd328395fb8766fbb93823bae07806e0N.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: fd328395fb8766fbb93823bae07806e0N.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Score: 9/10
Renames multiple (3783) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory