General
-
Target
2743b66834c290ff47bf5d39cd62cc50N.exe
-
Size
82KB
-
Sample
240825-yg8y7a1fpf
-
MD5
2743b66834c290ff47bf5d39cd62cc50
-
SHA1
cde905a86c92be4ed6b766f1297d5f8c1ab890e2
-
SHA256
d2a5cfa80b9ebd5227cf0a15224711d356a5005aa436c616ee2060f3f2dbf863
-
SHA512
21282f021d34692cf635a405cef509d07cf0174f49415e6cb7fbc3b4167e174eba414f4bb5ab6cbf317782d7e8d2522be7a63d605f64d53fa3aaf03ed05f637d
-
SSDEEP
1536:W7ZhA7pApM21LOA1LO8a7ZhA7pApM21LOA1LO8U:6e7WpMgLOiLOle7WpMgLOiLOz
Static task
static1
Behavioral task
behavioral1
Sample
2743b66834c290ff47bf5d39cd62cc50N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2743b66834c290ff47bf5d39cd62cc50N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
2743b66834c290ff47bf5d39cd62cc50N.exe
Score
9/10
-
Renames multiple (455) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-