General
-
Target
0c2e5a7c36d625e8183bba5cbe8ff2a0N.exe
-
Size
95KB
-
Sample
240906-z4f3csyaqq
-
MD5
0c2e5a7c36d625e8183bba5cbe8ff2a0
-
SHA1
d3087fbd8e096e4cb22faf2b7d121ac27a20c047
-
SHA256
4d8948b946b1a78bb4f0b983a3734c1c8009bf69daed225b7dd248f2461a1406
-
SHA512
f76723c8c8520a21a2d9ebd49149d5afbd31036ede62744717f1aab7673c4e5daba9060414c84d9085a9d6588c54c0155438e3a6cee41d79d8effcfcfcd0dc52
-
SSDEEP
1536:W7ZppApBULcfpHLcfpyDf2q7ZppApBULcfpHLcfpyDf2Z:6pWpBwchcwDTpWpBwchcwDo
Malware Config
Targets
-
-
Target
0c2e5a7c36d625e8183bba5cbe8ff2a0N.exe
-
Size
95KB
-
MD5
0c2e5a7c36d625e8183bba5cbe8ff2a0
-
SHA1
d3087fbd8e096e4cb22faf2b7d121ac27a20c047
-
SHA256
4d8948b946b1a78bb4f0b983a3734c1c8009bf69daed225b7dd248f2461a1406
-
SHA512
f76723c8c8520a21a2d9ebd49149d5afbd31036ede62744717f1aab7673c4e5daba9060414c84d9085a9d6588c54c0155438e3a6cee41d79d8effcfcfcd0dc52
-
SSDEEP
1536:W7ZppApBULcfpHLcfpyDf2q7ZppApBULcfpHLcfpyDf2Z:6pWpBwchcwDTpWpBwchcwDo
Score9/10-
Renames multiple (711) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-