General
-
Target
1651481c299743efa0cecc7bb71a1ef0N.exe
-
Size
116KB
-
Sample
240902-r89lgatdnc
-
MD5
1651481c299743efa0cecc7bb71a1ef0
-
SHA1
9dcb21d6a5c7d29a299f873685e2d713867121bb
-
SHA256
752b82623d99f07e9b8b3c827ab5a5aec4d341e0ae421c6d9e6bc7012ab52d85
-
SHA512
5e1b89a71158ee19f1573944f6964259aca08292a5268488cb94191a0fc857b1d9a3fc9ba54b0f15ee56adb7aeb9c1a6d066be64f2bd481b44ea031d704032cf
-
SSDEEP
1536:W7Z2sspAp5YSfffwa3ab7Z2sspAp5YSfffwa3aCrV:62ssWpIa3a52ssWpIa3aCrV
Malware Config
Targets
-
-
Target
1651481c299743efa0cecc7bb71a1ef0N.exe
-
Size
116KB
-
MD5
1651481c299743efa0cecc7bb71a1ef0
-
SHA1
9dcb21d6a5c7d29a299f873685e2d713867121bb
-
SHA256
752b82623d99f07e9b8b3c827ab5a5aec4d341e0ae421c6d9e6bc7012ab52d85
-
SHA512
5e1b89a71158ee19f1573944f6964259aca08292a5268488cb94191a0fc857b1d9a3fc9ba54b0f15ee56adb7aeb9c1a6d066be64f2bd481b44ea031d704032cf
-
SSDEEP
1536:W7Z2sspAp5YSfffwa3ab7Z2sspAp5YSfffwa3aCrV:62ssWpIa3a52ssWpIa3aCrV
Score9/10-
Renames multiple (3798) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-