General
-
Target
96296ece041884d790b2930b5bca1760N.exe
-
Size
79KB
-
Sample
240820-skqdcssfrn
-
MD5
96296ece041884d790b2930b5bca1760
-
SHA1
dbcd1282edf54e9f2782ae1b1ffdb24b87f98199
-
SHA256
52bd44025ef7c5efdebc747045bc255d4778f5eb0d14505bf00837d55ec8f083
-
SHA512
078007b9320ba267532b4995115a6d703f0584db668cf1ababd1a85a8ff14c27d4978fcdd5bb9826195e417b85a74e5953605cf2a6d25762a3b04bdf12c239dd
-
SSDEEP
1536:W7ZhA7pApM21LOA1LOv7ZhA7pApM21LOA1LO7:6e7WpMgLOiLOte7WpMgLOiLO7
Malware Config
Targets
-
-
Target
96296ece041884d790b2930b5bca1760N.exe
-
Size
79KB
-
MD5
96296ece041884d790b2930b5bca1760
-
SHA1
dbcd1282edf54e9f2782ae1b1ffdb24b87f98199
-
SHA256
52bd44025ef7c5efdebc747045bc255d4778f5eb0d14505bf00837d55ec8f083
-
SHA512
078007b9320ba267532b4995115a6d703f0584db668cf1ababd1a85a8ff14c27d4978fcdd5bb9826195e417b85a74e5953605cf2a6d25762a3b04bdf12c239dd
-
SSDEEP
1536:W7ZhA7pApM21LOA1LOv7ZhA7pApM21LOA1LO7:6e7WpMgLOiLOte7WpMgLOiLO7
Score9/10-
Renames multiple (4293) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-