General
-
Target
44bb8be7a4beb74c8c4eb2f50a854f30N.exe
-
Size
94KB
-
Sample
240901-rs1nmatarq
-
MD5
44bb8be7a4beb74c8c4eb2f50a854f30
-
SHA1
77e8fe18f45e65b8af9c00cf54edbbb64d14f960
-
SHA256
b5f9931438f562437873a6c9bccc8eeb4954f1adcc3936ce2e53b32f3d648207
-
SHA512
be4bd285abcbab0a11abb4b81e3d7d6d17ee9e26225883465c1bd70d0456c360a729732783b3b94f9636a4900d9d83f0d17e119fd525db7559ad5bb3abaa2ed7
-
SSDEEP
768:W7BlphA7pARFbhvOsTKnKqt17BlphA7pARFbhvOsTKnKqtm:W7ZhA7pApvOsOK87ZhA7pApvOsOKV
Malware Config
Targets
-
-
Target
44bb8be7a4beb74c8c4eb2f50a854f30N.exe
-
Size
94KB
-
MD5
44bb8be7a4beb74c8c4eb2f50a854f30
-
SHA1
77e8fe18f45e65b8af9c00cf54edbbb64d14f960
-
SHA256
b5f9931438f562437873a6c9bccc8eeb4954f1adcc3936ce2e53b32f3d648207
-
SHA512
be4bd285abcbab0a11abb4b81e3d7d6d17ee9e26225883465c1bd70d0456c360a729732783b3b94f9636a4900d9d83f0d17e119fd525db7559ad5bb3abaa2ed7
-
SSDEEP
768:W7BlphA7pARFbhvOsTKnKqt17BlphA7pARFbhvOsTKnKqtm:W7ZhA7pApvOsOK87ZhA7pApvOsOKV
Score9/10-
Renames multiple (4021) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-