General
-
Target
b602fe09006413c5584a9a3a605eae10N.exe
-
Size
140KB
-
Sample
240818-1wd4gazekk
-
MD5
b602fe09006413c5584a9a3a605eae10
-
SHA1
65661e52ca0ca8c7dd56a8363ebfe80a26d70c03
-
SHA256
2edbf468e66a844615ad07858f61a642ae2794ff79e9df38bc54477d4b32c700
-
SHA512
a3b4d45bbcc958c7987b3398db726f05ae474c6d85a23fe27c3c8be40c0bc1d6b9dd5eaf69701480598ac654c12a6a53875d23c8609290f646908188d24403a2
-
SSDEEP
1536:W7ZDpApYbVK4vx4PN54PN4OHepOHeZSz7ZDpApYbVK4vx4PN54PN4OHepOHeZSHY:6DWp7WZDWp7Wv6f
Static task
static1
Behavioral task
behavioral1
Sample
b602fe09006413c5584a9a3a605eae10N.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
b602fe09006413c5584a9a3a605eae10N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
b602fe09006413c5584a9a3a605eae10N.exe
-
Score
9/10
-
Renames multiple (3701) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-