General
-
Target
1248e8144c47a57eb74683669eaacd60N.exe
-
Size
107KB
-
Sample
240819-skjwks1ejg
-
MD5
1248e8144c47a57eb74683669eaacd60
-
SHA1
e947a5577a12e950c9a3ac86e3008d468dc4674d
-
SHA256
62853d7699d15e96588b57249b08ea4c53f7b6f7d8606d2f428c28956bd5e37a
-
SHA512
6dc3defc9662c691f4a3c18377621ac1536e5a7e6b06f4c80cda5173340b2a8dc322a936fe95d30503714c816dafa7e8ed0bf794033ceab799c49ddd087458aa
-
SSDEEP
768:W7BlpppARFbhFAxC7ntkntV/T7BlpppARFbhFAxC7ntkntV/M:W7ZppApry97ZppAprym
Static task
static1
Behavioral task
behavioral1
Sample
1248e8144c47a57eb74683669eaacd60N.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
1248e8144c47a57eb74683669eaacd60N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
1248e8144c47a57eb74683669eaacd60N.exe
Score
9/10
-
Renames multiple (5228) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-