General
-
Target
57182abead5ca69b6e550ab6940b94d0N.exe
-
Size
832KB
-
Sample
240822-y8gzsawela
-
MD5
57182abead5ca69b6e550ab6940b94d0
-
SHA1
9d396e1e22a1ff42001fbd79ef85b90749520680
-
SHA256
119c50a191aec17334135912bc419e96bea3d62a191dabef37d1d30ee1ddc9ea
-
SHA512
efc6a08d807d25a3473bd0ae2b3df8e56febf9707c12b854e9fdb1bd0da1e9dae08259d0aad5b464cef3815d9b87c6797beb264b94065a6efe7d2ca2425722ad
-
SSDEEP
12288:NZClha+Oj5pGcDWS4RqhUA0B/wUws90D0Ca5ZIXVUfOeNMWxXZzvmeQLsZlRXwI5:z4guXowPIXV9BMZzmeQLsjRXwI5
Static task
static1
Behavioral task
behavioral1
Sample
57182abead5ca69b6e550ab6940b94d0N.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
57182abead5ca69b6e550ab6940b94d0N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
57182abead5ca69b6e550ab6940b94d0N.exe
-
Score
10/10
-
Renames multiple (1571) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-