General
-
Target
5a03dfa8ef63de30efddb7eac81f04b0N.exe
-
Size
86KB
-
Sample
240821-vepkzszelb
-
MD5
5a03dfa8ef63de30efddb7eac81f04b0
-
SHA1
59b27bfcb62cb176d499f8a8eea34bd2733b22c7
-
SHA256
eb905719123e80e5097724466a41664a27cb81893a0cc76686e85bdc86368d58
-
SHA512
d810a22315fa37c73505b0cb13e167e28da73b802f1ff8b4b12d4aed6d36ee984431200d2449516b316322e7f91e566d2cc4b0dbac07345fc345ed386bec1427
-
SSDEEP
1536:W7ZppApBULcfpHLcfpyDN7ZppApBULcfpHLcfpyDP:6pWpBwchcwDXpWpBwchcwDP
Malware Config
Targets
-
-
Target
5a03dfa8ef63de30efddb7eac81f04b0N.exe
-
Size
86KB
-
MD5
5a03dfa8ef63de30efddb7eac81f04b0
-
SHA1
59b27bfcb62cb176d499f8a8eea34bd2733b22c7
-
SHA256
eb905719123e80e5097724466a41664a27cb81893a0cc76686e85bdc86368d58
-
SHA512
d810a22315fa37c73505b0cb13e167e28da73b802f1ff8b4b12d4aed6d36ee984431200d2449516b316322e7f91e566d2cc4b0dbac07345fc345ed386bec1427
-
SSDEEP
1536:W7ZppApBULcfpHLcfpyDN7ZppApBULcfpHLcfpyDP:6pWpBwchcwDXpWpBwchcwDP
Score9/10-
Renames multiple (4404) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-