General
-
Target
ab3dae6f610088268a7ec39b396198f0N.exe
-
Size
96KB
-
Sample
240819-vje74szbjq
-
MD5
ab3dae6f610088268a7ec39b396198f0
-
SHA1
edcd98128a5fa130ef080d001b8b2aebbfa965cf
-
SHA256
ede9a5ebe1b1b587d6f733b142f78e431aac0ee8378d72bce01b3e66f2b32250
-
SHA512
f2035a62e379cb1815dac7a4aa695114d2973cf2cafa56a665024aeb20559296390018fa08fe0fae85ccda4cb1737244eef43237c6a846dd351c778da4f20cc4
-
SSDEEP
1536:W7ZppApBULcfpHLcfpyDoAI9R7ZppApBULcfpHLcfpyDoAI9m:6pWpBwchcwDK97pWpBwchcwDK9m
Malware Config
Targets
-
-
Target
ab3dae6f610088268a7ec39b396198f0N.exe
-
Size
96KB
-
MD5
ab3dae6f610088268a7ec39b396198f0
-
SHA1
edcd98128a5fa130ef080d001b8b2aebbfa965cf
-
SHA256
ede9a5ebe1b1b587d6f733b142f78e431aac0ee8378d72bce01b3e66f2b32250
-
SHA512
f2035a62e379cb1815dac7a4aa695114d2973cf2cafa56a665024aeb20559296390018fa08fe0fae85ccda4cb1737244eef43237c6a846dd351c778da4f20cc4
-
SSDEEP
1536:W7ZppApBULcfpHLcfpyDoAI9R7ZppApBULcfpHLcfpyDoAI9m:6pWpBwchcwDK97pWpBwchcwDK9m
Score9/10-
Renames multiple (3376) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-