General
-
Target
13cb0f64624f988dec64a6cbce782940N.exe
-
Size
76KB
-
Sample
240915-mzzmpazeqg
-
MD5
13cb0f64624f988dec64a6cbce782940
-
SHA1
8dfa0c4509e808ec053effd4007c7191d68fdb01
-
SHA256
2f8012099facb7db1b02338524195457969f42cd6f672ebff0839ffa9d351e3d
-
SHA512
5f037c751a71d3fb6c132d5e0000854e54e32a7caaba2d712afc2a97b16e429fbbb4167aeea97751b3704cad1c81c7e2f99b5428b7853758c17085ac3e14e626
-
SSDEEP
1536:W7ZhA7pApM21LOA1LOm7ZhA7pApM21LOA1LO3:6e7WpMgLOiLOKe7WpMgLOiLO3
Malware Config
Targets
-
-
Target
13cb0f64624f988dec64a6cbce782940N.exe
-
Size
76KB
-
MD5
13cb0f64624f988dec64a6cbce782940
-
SHA1
8dfa0c4509e808ec053effd4007c7191d68fdb01
-
SHA256
2f8012099facb7db1b02338524195457969f42cd6f672ebff0839ffa9d351e3d
-
SHA512
5f037c751a71d3fb6c132d5e0000854e54e32a7caaba2d712afc2a97b16e429fbbb4167aeea97751b3704cad1c81c7e2f99b5428b7853758c17085ac3e14e626
-
SSDEEP
1536:W7ZhA7pApM21LOA1LOm7ZhA7pApM21LOA1LO3:6e7WpMgLOiLOKe7WpMgLOiLO3
Score9/10-
Renames multiple (3955) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-