General
-
Target
183cd5f034f18b0a5ed3a56f0b058da06b992c024c01f514326768ac9688747b
-
Size
581KB
-
Sample
240919-drgbpsxhmf
-
MD5
8b70ba0f3b9818b5e2909e370254ea48
-
SHA1
56ffda57fd9161b441f0715d848cbcc0c0ccf5bf
-
SHA256
183cd5f034f18b0a5ed3a56f0b058da06b992c024c01f514326768ac9688747b
-
SHA512
53e8a9319f9cb58b2de4069c8a579cb0ad49408ba93f052d58eb5fb7e8996953fb8569babf5b6853f89d054309c457162277a360947972e9e4e8f0ec67f0cb28
-
SSDEEP
12288:N9C7oO/76BYSuTDqymSutZLcTra3qxsOeNMzrTKcJmVcgrdC:N94DmSuteagsUzXJmmgrdC
Malware Config
Targets
-
-
Target
183cd5f034f18b0a5ed3a56f0b058da06b992c024c01f514326768ac9688747b
-
Size
581KB
-
MD5
8b70ba0f3b9818b5e2909e370254ea48
-
SHA1
56ffda57fd9161b441f0715d848cbcc0c0ccf5bf
-
SHA256
183cd5f034f18b0a5ed3a56f0b058da06b992c024c01f514326768ac9688747b
-
SHA512
53e8a9319f9cb58b2de4069c8a579cb0ad49408ba93f052d58eb5fb7e8996953fb8569babf5b6853f89d054309c457162277a360947972e9e4e8f0ec67f0cb28
-
SSDEEP
12288:N9C7oO/76BYSuTDqymSutZLcTra3qxsOeNMzrTKcJmVcgrdC:N94DmSuteagsUzXJmmgrdC
Score9/10-
Renames multiple (295) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops desktop.ini file(s)
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Sets desktop wallpaper using registry
-