General
-
Target
bf06af7162f046aef88f3666d3d9a7e0N.exe
-
Size
125KB
-
Sample
240901-dlrkgszfpa
-
MD5
bf06af7162f046aef88f3666d3d9a7e0
-
SHA1
8badf69616415caceb3d59f396e5c38450c2638f
-
SHA256
f5b0fd2bc046aa20a902a94db0b0fcbe20955a2cb270a9b2d3ba5ea81252368c
-
SHA512
aff4b47cb7c9ad6a15bdb6643de095606699a8bdb470380e41edd7742f5197219933a14431717ace2ab059e6749b3b4d90a0f65fd833635230a9d9f4f9b66a9e
-
SSDEEP
3072:6pWpi8wP2awclvmxrP2awclvmxwpWpi8wP2awclvmxrP2awclvmxgtz:Pc1
Malware Config
Targets
-
-
Target
bf06af7162f046aef88f3666d3d9a7e0N.exe
-
Size
125KB
-
MD5
bf06af7162f046aef88f3666d3d9a7e0
-
SHA1
8badf69616415caceb3d59f396e5c38450c2638f
-
SHA256
f5b0fd2bc046aa20a902a94db0b0fcbe20955a2cb270a9b2d3ba5ea81252368c
-
SHA512
aff4b47cb7c9ad6a15bdb6643de095606699a8bdb470380e41edd7742f5197219933a14431717ace2ab059e6749b3b4d90a0f65fd833635230a9d9f4f9b66a9e
-
SSDEEP
3072:6pWpi8wP2awclvmxrP2awclvmxwpWpi8wP2awclvmxrP2awclvmxgtz:Pc1
Score9/10-
Renames multiple (3700) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-