General
-
Target
4e3ad086358a2189e835d6c9bd34ffb0N.exe
-
Size
48KB
-
Sample
240901-s3aevsvdnq
-
MD5
4e3ad086358a2189e835d6c9bd34ffb0
-
SHA1
11fad89d2ca16be12a0a70d260e68a335ea62a0e
-
SHA256
fb6af49e4f15274063bf1efe237a00c940fceb39fae9765c2d722c650af3bb24
-
SHA512
5f211f7bfc7abe96f1465264b14e478207337141672901c0bce615eba7f8200fdedd4f372463ccaf1d31d8776dc36dd3ebea7f20056588d5090bd084a5104b05
-
SSDEEP
768:kBT37CPKKdJJ1EXBwzEXBwdcMcI98BT37CPKKdJJ1EXBwzEXBwdcMcI9Qqqqs:CTW7JJ7TATW7JJ7Taqqqs
Malware Config
Targets
-
-
Target
4e3ad086358a2189e835d6c9bd34ffb0N.exe
-
Size
48KB
-
MD5
4e3ad086358a2189e835d6c9bd34ffb0
-
SHA1
11fad89d2ca16be12a0a70d260e68a335ea62a0e
-
SHA256
fb6af49e4f15274063bf1efe237a00c940fceb39fae9765c2d722c650af3bb24
-
SHA512
5f211f7bfc7abe96f1465264b14e478207337141672901c0bce615eba7f8200fdedd4f372463ccaf1d31d8776dc36dd3ebea7f20056588d5090bd084a5104b05
-
SSDEEP
768:kBT37CPKKdJJ1EXBwzEXBwdcMcI98BT37CPKKdJJ1EXBwzEXBwdcMcI9Qqqqs:CTW7JJ7TATW7JJ7Taqqqs
Score9/10-
Renames multiple (3414) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-