General
-
Target
efb181108b785ee16c9e72d55beaf0de2a34ac42722d67b2c9e7c149847a19fd
-
Size
92KB
-
Sample
240826-fbx1mavhrc
-
MD5
748cb196b7c98608f6c5b6bbc89605df
-
SHA1
e04d1dbb6fac7dde7359731b8aa51bac77029bc9
-
SHA256
efb181108b785ee16c9e72d55beaf0de2a34ac42722d67b2c9e7c149847a19fd
-
SHA512
6d7e9e2000e91251c8b290d90f5e44398e082ca6c4c7573b428028953f668e7e4541951d82326530786e9a12f2ff71ad1a0e1fedd431a8484e429e735bdd7e7f
-
SSDEEP
768:W7BlpppARFbhHFoqAJwBqAJwRJofJoTf7BlpppARFbhHFoqAJwBqAJwRJofJoTs+:W7ZppApaJofJo77ZppApaJofJoAry
Malware Config
Targets
-
-
Target
efb181108b785ee16c9e72d55beaf0de2a34ac42722d67b2c9e7c149847a19fd
-
Size
92KB
-
MD5
748cb196b7c98608f6c5b6bbc89605df
-
SHA1
e04d1dbb6fac7dde7359731b8aa51bac77029bc9
-
SHA256
efb181108b785ee16c9e72d55beaf0de2a34ac42722d67b2c9e7c149847a19fd
-
SHA512
6d7e9e2000e91251c8b290d90f5e44398e082ca6c4c7573b428028953f668e7e4541951d82326530786e9a12f2ff71ad1a0e1fedd431a8484e429e735bdd7e7f
-
SSDEEP
768:W7BlpppARFbhHFoqAJwBqAJwRJofJoTf7BlpppARFbhHFoqAJwBqAJwRJofJoTs+:W7ZppApaJofJo77ZppApaJofJoAry
Score9/10-
Renames multiple (930) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-