General
-
Target
a096d7111dd82bf035b658494f7c8730N.exe
-
Size
212KB
-
Sample
240820-l58xwawbrc
-
MD5
a096d7111dd82bf035b658494f7c8730
-
SHA1
eb88f81a20151138d1de95ce76c4a7e05028edd5
-
SHA256
e688959747fdbf14ddcd78d1d0bbd06d20d18b8125cfa8a847e5b0eb23d9e8f0
-
SHA512
416233b8aad26a7f74db826a2ef7c80458bc3baa05cbf4f5856cab9d8edbf9518ff5ac86b3d2d82d0a688bc5b5944f0ba215f6c0aaf1575ed23df5a5994226c5
-
SSDEEP
3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBu:PqFF2Ie+effydqFF2Ie+effyL
Malware Config
Targets
-
-
Target
a096d7111dd82bf035b658494f7c8730N.exe
-
Size
212KB
-
MD5
a096d7111dd82bf035b658494f7c8730
-
SHA1
eb88f81a20151138d1de95ce76c4a7e05028edd5
-
SHA256
e688959747fdbf14ddcd78d1d0bbd06d20d18b8125cfa8a847e5b0eb23d9e8f0
-
SHA512
416233b8aad26a7f74db826a2ef7c80458bc3baa05cbf4f5856cab9d8edbf9518ff5ac86b3d2d82d0a688bc5b5944f0ba215f6c0aaf1575ed23df5a5994226c5
-
SSDEEP
3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBu:PqFF2Ie+effydqFF2Ie+effyL
Score9/10-
Renames multiple (281) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-