General
-
Target
4f7795dc8acd1e08900a707eb306427a0034f60d4d40e85f8085fb207a21f92f
-
Size
87KB
-
Sample
240911-z8qscstgpg
-
MD5
66e32568bd801718f93910249c1a9116
-
SHA1
0e10f34a9e74b62beab9b95be93209c8eb973432
-
SHA256
4f7795dc8acd1e08900a707eb306427a0034f60d4d40e85f8085fb207a21f92f
-
SHA512
3fcbd56e4082913dc695a982d76a8cc3729fa8084af74f7ae10a4d19e544fd66ef4e3211ffac3358ab1eff2491263e10a7c46d9ab18e8c6175a1cac94a6bdf83
-
SSDEEP
1536:W7ZhA7pApM21LOA1LO77ZhA7pApM21LOA1LOo3Q:6e7WpMgLOiLOZe7WpMgLOiLOp
Static task
static1
Behavioral task
behavioral1
Sample
4f7795dc8acd1e08900a707eb306427a0034f60d4d40e85f8085fb207a21f92f.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4f7795dc8acd1e08900a707eb306427a0034f60d4d40e85f8085fb207a21f92f.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
4f7795dc8acd1e08900a707eb306427a0034f60d4d40e85f8085fb207a21f92f
-
Score
9/10
-
Renames multiple (4791) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-