General
-
Target
02c4d425efdf2849f656464609198d0a7e17a55682b158b7548742c2e20b6048N
-
Size
73KB
-
Sample
240919-vkzm5szglr
-
MD5
a941438d324f202ceb67c81e90dcab50
-
SHA1
037a2ae8836b51c5a3da7b6f198e2ab4146cb980
-
SHA256
02c4d425efdf2849f656464609198d0a7e17a55682b158b7548742c2e20b6048
-
SHA512
1943184562f79f8ce34fb73e8c2cc43886bc2f8d5c1044e3e4ed29ee5040837be1ce849304dfd591e410c5dbaf10ec2deb3aee46d8c0bd60150d60c1fcd61cc7
-
SSDEEP
768:W7BlpDpARFbhgfZf6WAnWAV7BlpDpARFbhgfZf6WAnWAu:W7ZDpApVtV7ZDpApVtu
Malware Config
Targets
-
-
Target
02c4d425efdf2849f656464609198d0a7e17a55682b158b7548742c2e20b6048N
-
Size
73KB
-
MD5
a941438d324f202ceb67c81e90dcab50
-
SHA1
037a2ae8836b51c5a3da7b6f198e2ab4146cb980
-
SHA256
02c4d425efdf2849f656464609198d0a7e17a55682b158b7548742c2e20b6048
-
SHA512
1943184562f79f8ce34fb73e8c2cc43886bc2f8d5c1044e3e4ed29ee5040837be1ce849304dfd591e410c5dbaf10ec2deb3aee46d8c0bd60150d60c1fcd61cc7
-
SSDEEP
768:W7BlpDpARFbhgfZf6WAnWAV7BlpDpARFbhgfZf6WAnWAu:W7ZDpApVtV7ZDpApVtu
Score9/10-
Renames multiple (4149) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-