General
-
Target
a1a473668f6e39301d2d2d0c40decb12523ec590221879d66ebf57da2e5a00b5
-
Size
184KB
-
Sample
240826-bmrwjayblr
-
MD5
6a338c0f2d87b492e57fb67cb692498a
-
SHA1
7eb632420b5b32c57dfd96c2b53820cd59ab9031
-
SHA256
a1a473668f6e39301d2d2d0c40decb12523ec590221879d66ebf57da2e5a00b5
-
SHA512
9db15fef76924bb7366ca84d70ba5962ef73cd447603a46112fdcdf93d967e37751a8d3c5e8a096ac75665089b10f85559dff41bd1f585dcd9819f26680b8a23
-
SSDEEP
1536:W7ZhA7dAvGpG8nbTWJGpG8nw7ZhA7dAvGpG8nbTWJGpG8nV:6e76up3nPp3nwe76up3nPp3nV
Malware Config
Targets
-
-
Target
a1a473668f6e39301d2d2d0c40decb12523ec590221879d66ebf57da2e5a00b5
-
Size
184KB
-
MD5
6a338c0f2d87b492e57fb67cb692498a
-
SHA1
7eb632420b5b32c57dfd96c2b53820cd59ab9031
-
SHA256
a1a473668f6e39301d2d2d0c40decb12523ec590221879d66ebf57da2e5a00b5
-
SHA512
9db15fef76924bb7366ca84d70ba5962ef73cd447603a46112fdcdf93d967e37751a8d3c5e8a096ac75665089b10f85559dff41bd1f585dcd9819f26680b8a23
-
SSDEEP
1536:W7ZhA7dAvGpG8nbTWJGpG8nw7ZhA7dAvGpG8nbTWJGpG8nV:6e76up3nPp3nwe76up3nPp3nV
Score9/10-
Renames multiple (4049) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-