General
-
Target
6b4ad08f8eb93016126c075ca1d8bab0N.exe
-
Size
80KB
-
Sample
240906-k4b13sxgpm
-
MD5
6b4ad08f8eb93016126c075ca1d8bab0
-
SHA1
d5679684f7734c6e7ce8be30c2c825eec74698aa
-
SHA256
c62be56f038193c7757d647c40b90ed1cd5be815ad3bfe94f836e4fe4e93d533
-
SHA512
b7fd3bf7f8d7e6c07b8deda23c1069f9f7920f23f99c6c05a0ad233d1cb8de025cf146a699f3d0bf2ed5c332f124f0af9e29e76c99e60d34775ee333ead7abda
-
SSDEEP
1536:W7ZhA7pApM21LOA1LOrtkpt6VEOf7ZhA7pApM21LOA1LOrtkpt6VEOI:6e7WpMgLOiLOrt3de7WpMgLOiLOrt3I
Malware Config
Targets
-
-
Target
6b4ad08f8eb93016126c075ca1d8bab0N.exe
-
Size
80KB
-
MD5
6b4ad08f8eb93016126c075ca1d8bab0
-
SHA1
d5679684f7734c6e7ce8be30c2c825eec74698aa
-
SHA256
c62be56f038193c7757d647c40b90ed1cd5be815ad3bfe94f836e4fe4e93d533
-
SHA512
b7fd3bf7f8d7e6c07b8deda23c1069f9f7920f23f99c6c05a0ad233d1cb8de025cf146a699f3d0bf2ed5c332f124f0af9e29e76c99e60d34775ee333ead7abda
-
SSDEEP
1536:W7ZhA7pApM21LOA1LOrtkpt6VEOf7ZhA7pApM21LOA1LOrtkpt6VEOI:6e7WpMgLOiLOrt3de7WpMgLOiLOrt3I
Score9/10-
Renames multiple (4367) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-