General
Target: 079c1a40fa4e326f2b5359cf6a65ff90N.exe
Size: 92KB
Sample: 240819-rhq2fasblr
MD5: 079c1a40fa4e326f2b5359cf6a65ff90
SHA1: d4c0a9ae07ac5d1e35701fab6c374d3a557f6136
SHA256: 31310dccf2bd4df39ac4b91864f4c44f7cafbc4130bf5f1acd52b5352cd8e31a
SHA512: e48d53fa54f9497964a7671981762733ba8c1b7a23f44f10b1e0e1664b439702d37388e86a09433059a91e24f8fec63e4b668aa7cfd6b6609c941c12dfe3971d
SSDEEP: 1536:W7ZhA7pApM21LOA1LOl6vSgxoVz8FUDrYYaCusjdEKxVTLJtxoVz8FUDrYYaCusR:6e7WpMgLOiLO2SgxoVz8FUDrYYaCusje
Static task: static1
Behavioral task: behavioral1
Sample: 079c1a40fa4e326f2b5359cf6a65ff90N.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 079c1a40fa4e326f2b5359cf6a65ff90N.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 079c1a40fa4e326f2b5359cf6a65ff90N.exe
Score: 9/10
Renames multiple (4962) files with added filename extension
This suggests ransomware activity: encrypting all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory