General
-
Target
a8971320794e2f5811b29cbfc1d9985f410031f4e2f614b0e80d68dcc7d38c43N
-
Size
77KB
-
Sample
240919-getm2stepn
-
MD5
12bccd56216839183e640f8fe1146d90
-
SHA1
65170af608dab569cc4f9f5fa90111d0e4b04aaa
-
SHA256
a8971320794e2f5811b29cbfc1d9985f410031f4e2f614b0e80d68dcc7d38c43
-
SHA512
5834ee28701d82a82830f09b2b7cd87d2fcd6035247ab4d07e60a62fb82f2bf8a265f8bdbf10781f6e9e85b2a804bc80ae9a3d4dc6738d45189824ebef75c7d2
-
SSDEEP
768:W7BlpppARFbhknrzzA8JQ2AdJCzA8JQ2AdJWX0kXX0k8y7BlpppARFbhknrzzA8b:W7ZppApkGpJy7ZppApkGpJ6
Malware Config
Targets
-
-
Target
a8971320794e2f5811b29cbfc1d9985f410031f4e2f614b0e80d68dcc7d38c43N
-
Size
77KB
-
MD5
12bccd56216839183e640f8fe1146d90
-
SHA1
65170af608dab569cc4f9f5fa90111d0e4b04aaa
-
SHA256
a8971320794e2f5811b29cbfc1d9985f410031f4e2f614b0e80d68dcc7d38c43
-
SHA512
5834ee28701d82a82830f09b2b7cd87d2fcd6035247ab4d07e60a62fb82f2bf8a265f8bdbf10781f6e9e85b2a804bc80ae9a3d4dc6738d45189824ebef75c7d2
-
SSDEEP
768:W7BlpppARFbhknrzzA8JQ2AdJCzA8JQ2AdJWX0kXX0k8y7BlpppARFbhknrzzA8b:W7ZppApkGpJy7ZppApkGpJ6
Score9/10-
Renames multiple (4376) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-