General
Target: 5f1733e267f7c5a07c40e51308c49a70N.exe
Size: 90KB
Sample: 240821-btjhqstbpe
MD5: 5f1733e267f7c5a07c40e51308c49a70
SHA1: 557e245919a3068e0e9fe663227d73c057ab9c89
SHA256: 135d1a242b3fd4b49c90baebae85669edc104978feab687f0637476d93de44bf
SHA512: 77dc996e07acb40d75c96ae790d0c218d180c6639bbc6a765cb45bac2ba1602d3bf358844edb6480640c60e9a27a4f501108e6d0fe0a008763e8487d0b19b64b
SSDEEP: 768:/7BlpQpARFbhNIduv4Luv4K7BlpQpARFbhNIduv4Luv4w:/7ZQpApYbK7ZQpApYbw
Static task: static1
Behavioral task: behavioral1
Sample: 5f1733e267f7c5a07c40e51308c49a70N.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 5f1733e267f7c5a07c40e51308c49a70N.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 5f1733e267f7c5a07c40e51308c49a70N.exe
Score: 9/10
Renames multiple (4296) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory