General
-
Target
49a2822d9bab5a468d159e9079311456a3c55fc91e85bf8e2649af0ec909e829N
-
Size
63KB
-
Sample
240918-kxp95asdlg
-
MD5
56d6cdb84f4b3b3392b75589b301ffb0
-
SHA1
c14239aacbb870b7563daae21b94080cedcc1a2e
-
SHA256
49a2822d9bab5a468d159e9079311456a3c55fc91e85bf8e2649af0ec909e829
-
SHA512
770c8d5435963082ec79c3cce5301fd0cb9e85cf837ba93d51cae53fd4e45e44d7dd760a5df76de280193f5934849919328428dec0c87036606b0c9a35a52505
-
SSDEEP
768:kBT37CPKKdJJ1EXBwzEXBwdcMcI9dr15R5NBT37CPKKdJJ1EXBwzEXBwdcMcI9dg:CTW7JJ7TJzlTW7JJ7TJzW
Malware Config
Targets
-
-
Target
49a2822d9bab5a468d159e9079311456a3c55fc91e85bf8e2649af0ec909e829N
-
Size
63KB
-
MD5
56d6cdb84f4b3b3392b75589b301ffb0
-
SHA1
c14239aacbb870b7563daae21b94080cedcc1a2e
-
SHA256
49a2822d9bab5a468d159e9079311456a3c55fc91e85bf8e2649af0ec909e829
-
SHA512
770c8d5435963082ec79c3cce5301fd0cb9e85cf837ba93d51cae53fd4e45e44d7dd760a5df76de280193f5934849919328428dec0c87036606b0c9a35a52505
-
SSDEEP
768:kBT37CPKKdJJ1EXBwzEXBwdcMcI9dr15R5NBT37CPKKdJJ1EXBwzEXBwdcMcI9dg:CTW7JJ7TJzlTW7JJ7TJzW
Score9/10-
Renames multiple (3532) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-