General
-
Target
1b0636bd473b44c73cf4e1b2b7cbfa40N.exe
-
Size
104KB
-
Sample
240817-zl3teayfkm
-
MD5
1b0636bd473b44c73cf4e1b2b7cbfa40
-
SHA1
d92097cffe53fc01528a6ef9d328ea6f9fbb97c2
-
SHA256
138f655ca6ebe69012e6c81c494147006135926da6d651a6110c0bcfc96c4dde
-
SHA512
b1e8ad85e9959c2301aa111c9f2adccb7ea73a807b831afab1d540a425fa5319b43913c08d29ecafdceb5a79bc472f94a80ed4fe9534a535a1ab770c6c17239a
-
SSDEEP
768:W7BlpppARFbhHFoqAJwBqAJw70EXBwzEXBw07BlpppARFbhHFoqAJwBqAJw70EXp:W7ZppApg7ZppApe
Malware Config
Targets
-
-
Target
1b0636bd473b44c73cf4e1b2b7cbfa40N.exe
-
Size
104KB
-
MD5
1b0636bd473b44c73cf4e1b2b7cbfa40
-
SHA1
d92097cffe53fc01528a6ef9d328ea6f9fbb97c2
-
SHA256
138f655ca6ebe69012e6c81c494147006135926da6d651a6110c0bcfc96c4dde
-
SHA512
b1e8ad85e9959c2301aa111c9f2adccb7ea73a807b831afab1d540a425fa5319b43913c08d29ecafdceb5a79bc472f94a80ed4fe9534a535a1ab770c6c17239a
-
SSDEEP
768:W7BlpppARFbhHFoqAJwBqAJw70EXBwzEXBw07BlpppARFbhHFoqAJwBqAJw70EXp:W7ZppApg7ZppApe
Score9/10-
Renames multiple (4085) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-