General
-
Target
40f7744da3abbdbc4094fc017e7c6190N.exe
-
Size
126KB
-
Sample
240903-raxt1sydnk
-
MD5
40f7744da3abbdbc4094fc017e7c6190
-
SHA1
f60ebd11e8a63bad26a00753fc11b027b0755c6b
-
SHA256
00295f08aa590c57fec5b8b69012ed014c1197d6fdd23bd8a34ff88e9558764c
-
SHA512
ac850a641598f8bc8b57e9cd004b666c94c953520d07481db9dcb2997016a06f4e1d813922fb55cad601b332f8a838e10fa53b9765ded8ea68fa72e8613e5417
-
SSDEEP
1536:W7ZppApBULcfpHLcfpX2/Nw/NwmxLTR7ZppApBULcfpHLcfpX2/Nw/NwmxLTc:6pWpBwchcV2WxLT7pWpBwchcV2WxLTc
Malware Config
Targets
-
-
Target
40f7744da3abbdbc4094fc017e7c6190N.exe
-
Size
126KB
-
MD5
40f7744da3abbdbc4094fc017e7c6190
-
SHA1
f60ebd11e8a63bad26a00753fc11b027b0755c6b
-
SHA256
00295f08aa590c57fec5b8b69012ed014c1197d6fdd23bd8a34ff88e9558764c
-
SHA512
ac850a641598f8bc8b57e9cd004b666c94c953520d07481db9dcb2997016a06f4e1d813922fb55cad601b332f8a838e10fa53b9765ded8ea68fa72e8613e5417
-
SSDEEP
1536:W7ZppApBULcfpHLcfpX2/Nw/NwmxLTR7ZppApBULcfpHLcfpX2/Nw/NwmxLTc:6pWpBwchcV2WxLT7pWpBwchcV2WxLTc
Score9/10-
Renames multiple (4713) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-