General
-
Target
09aa5273a4ed185da13cc726af0bbfb0N.exe
-
Size
105KB
-
Sample
240819-rvr49szaqc
-
MD5
09aa5273a4ed185da13cc726af0bbfb0
-
SHA1
c4fff5aa81fdcfcee5914ba3123866893dae903f
-
SHA256
6dcd68559908ebb278f55420422eff223a9b6718ec0c7645059129915b2816ce
-
SHA512
443478e3d7f2a6b9aa10417a4fd0f827bd865ac41a7b5f83d645b55043fa6383720c96a2e1c09b13365863babe6bfd3c21797374f0e62ec91c94a1ab8a968240
-
SSDEEP
1536:W7ZhA7pApw03vR03v1SYAiH7ZhA7pApw03vR03v1SYAizpn:6e7WpwYRY1SwFe7WpwYRY1Swd
Malware Config
Targets
-
-
Target
09aa5273a4ed185da13cc726af0bbfb0N.exe
-
Size
105KB
-
MD5
09aa5273a4ed185da13cc726af0bbfb0
-
SHA1
c4fff5aa81fdcfcee5914ba3123866893dae903f
-
SHA256
6dcd68559908ebb278f55420422eff223a9b6718ec0c7645059129915b2816ce
-
SHA512
443478e3d7f2a6b9aa10417a4fd0f827bd865ac41a7b5f83d645b55043fa6383720c96a2e1c09b13365863babe6bfd3c21797374f0e62ec91c94a1ab8a968240
-
SSDEEP
1536:W7ZhA7pApw03vR03v1SYAiH7ZhA7pApw03vR03v1SYAizpn:6e7WpwYRY1SwFe7WpwYRY1Swd
Score9/10-
Renames multiple (6068) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-