General
-
Target
346242a93dbe2faee19236b1c444ab5da6dabec9797965785b08ca77b1903606N
-
Size
125KB
-
Sample
240919-d88ghszarn
-
MD5
4d8c17d3eb82e6d9cd7aa0fc574841f0
-
SHA1
a001f8f5c105bf60f0c62afe4fe7aa451b76d676
-
SHA256
346242a93dbe2faee19236b1c444ab5da6dabec9797965785b08ca77b1903606
-
SHA512
d9d528f3d7720bf0d6abd30131bbae428bcb1e4bf43233cf4942b32000512165a455a1eb964a246c4e23ae70972cb721dbb994e54291661dd2e99fec10b7fc60
-
SSDEEP
1536:W7ZppApAJdkCKPuJdkCKP17ZppApAJdkCKPuJdkCKPl:6pWplpWp3
Static task
static1
Behavioral task
behavioral1
Sample
346242a93dbe2faee19236b1c444ab5da6dabec9797965785b08ca77b1903606N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
346242a93dbe2faee19236b1c444ab5da6dabec9797965785b08ca77b1903606N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
346242a93dbe2faee19236b1c444ab5da6dabec9797965785b08ca77b1903606N
-
Score
9/10
-
Renames multiple (329) files with added filename extension
This suggests ransomware activity, namely encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-