General
-
Target
8335568cf800207b9e79a1941aff2a90N.exe
-
Size
81KB
-
Sample
240820-ck6scaydne
-
MD5
8335568cf800207b9e79a1941aff2a90
-
SHA1
1e3ccf00f6d7f27ab68ba39da3cba4642d1f8606
-
SHA256
e50e90a7857785788270f99e864b5879ce44c90e2f73f4ce65148ea04b9304c7
-
SHA512
9ff7a1c1b5611a5c33e6538a3bdd6ab962c2d4875aa8c13a0557e8e1650c728af1968a5c372050b57f4af8dc6220628df8ecc56a8a61ef025f55526f7def5900
-
SSDEEP
1536:W7Z2sspApctpQRtpQR/7Z2sspApctpQRtpQRq:62ssWpACc2ssWpACj
Malware Config
Targets
-
-
Target
8335568cf800207b9e79a1941aff2a90N.exe
-
Size
81KB
-
MD5
8335568cf800207b9e79a1941aff2a90
-
SHA1
1e3ccf00f6d7f27ab68ba39da3cba4642d1f8606
-
SHA256
e50e90a7857785788270f99e864b5879ce44c90e2f73f4ce65148ea04b9304c7
-
SHA512
9ff7a1c1b5611a5c33e6538a3bdd6ab962c2d4875aa8c13a0557e8e1650c728af1968a5c372050b57f4af8dc6220628df8ecc56a8a61ef025f55526f7def5900
-
SSDEEP
1536:W7Z2sspApctpQRtpQR/7Z2sspApctpQRtpQRq:62ssWpACc2ssWpACj
Score9/10-
Renames multiple (420) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-