General
-
Target
fd640e8d78bd8544cff7f597e2774750N.exe
-
Size
81KB
-
Sample
240905-psvq9s1brl
-
MD5
fd640e8d78bd8544cff7f597e2774750
-
SHA1
ff980868c4f630ac891d1e7bafb82902703e2673
-
SHA256
c473718011d9135da4427f544e0a0613579fc39e970b4324a87f6f3777f3e22d
-
SHA512
6eaf6b9c1ff8da81c1fd26215b59037f4d76c23268c1d6f3f5c84caca18f69ecce3acaf533730c08aecd62847964708767fe519637feb9367c35dc9b0aab76f3
-
SSDEEP
1536:W7ZppApBULcfpHLcfpyDC7ZppApBULcfpHLcfpyDH:6pWpBwchcwDGpWpBwchcwDH
Malware Config
Targets
-
-
Target
fd640e8d78bd8544cff7f597e2774750N.exe
-
Size
81KB
-
MD5
fd640e8d78bd8544cff7f597e2774750
-
SHA1
ff980868c4f630ac891d1e7bafb82902703e2673
-
SHA256
c473718011d9135da4427f544e0a0613579fc39e970b4324a87f6f3777f3e22d
-
SHA512
6eaf6b9c1ff8da81c1fd26215b59037f4d76c23268c1d6f3f5c84caca18f69ecce3acaf533730c08aecd62847964708767fe519637feb9367c35dc9b0aab76f3
-
SSDEEP
1536:W7ZppApBULcfpHLcfpyDC7ZppApBULcfpHLcfpyDH:6pWpBwchcwDGpWpBwchcwDH
Score9/10-
Renames multiple (429) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-