General
-
Target
7818cad0adcbdaa6aadbbdeb2a1f99bccb2ee7cc55429194fb108fc5e9f8d5cfN
-
Size
221KB
-
Sample
240919-h1za4axapp
-
MD5
3852f405c2c42f547180d89d9d5e95d0
-
SHA1
4121529913547319002d84a5e667c12cf77e3ace
-
SHA256
7818cad0adcbdaa6aadbbdeb2a1f99bccb2ee7cc55429194fb108fc5e9f8d5cf
-
SHA512
b2079d43decea5ff038024ff23def15e486ef51c5fc407d3d1047fc771a1661e79276a932379b8396ce4815f88f7f7d27fdd2977658c35f66adf9d13ac317b24
-
SSDEEP
6144:RqlIyFESWu0SWuNSIgqlIyFESWu0SWuNSIq:tyDoyDq
Static task
static1
Behavioral task
behavioral1
Sample
7818cad0adcbdaa6aadbbdeb2a1f99bccb2ee7cc55429194fb108fc5e9f8d5cfN.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
7818cad0adcbdaa6aadbbdeb2a1f99bccb2ee7cc55429194fb108fc5e9f8d5cfN.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
7818cad0adcbdaa6aadbbdeb2a1f99bccb2ee7cc55429194fb108fc5e9f8d5cfN
-
Score
9/10
-
Renames multiple (3004) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-