General
-
Target
f80e62c46e60f42489e68cb514e9fa20N.exe
-
Size
85KB
-
Sample
240824-y7py1axfjh
-
MD5
f80e62c46e60f42489e68cb514e9fa20
-
SHA1
b742550bd00317e1af20d489c8647cda289a77c7
-
SHA256
bd285addcdfb68785176e219950c566fb77d8d9250e7b4779e2d1c4af50e23d7
-
SHA512
88528e31f58224abaf48be82a6693c00f9811743bee6f09fc6864a48e1629e6d55832c942a70535f3812fa000c0788e2cbc9dc7f54e0444c48343d5e7dd4a50e
-
SSDEEP
1536:W7ZhA7pApM21LOA1LOk7ZhA7pApM21LOA1LOu:6e7WpMgLOiLOke7WpMgLOiLOu
Malware Config
Targets
-
-
Target
f80e62c46e60f42489e68cb514e9fa20N.exe
-
Size
85KB
-
MD5
f80e62c46e60f42489e68cb514e9fa20
-
SHA1
b742550bd00317e1af20d489c8647cda289a77c7
-
SHA256
bd285addcdfb68785176e219950c566fb77d8d9250e7b4779e2d1c4af50e23d7
-
SHA512
88528e31f58224abaf48be82a6693c00f9811743bee6f09fc6864a48e1629e6d55832c942a70535f3812fa000c0788e2cbc9dc7f54e0444c48343d5e7dd4a50e
-
SSDEEP
1536:W7ZhA7pApM21LOA1LOk7ZhA7pApM21LOA1LOu:6e7WpMgLOiLOke7WpMgLOiLOu
Score9/10-
Renames multiple (4785) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-