General
-
Target
215912576403a6d13ef0a92f7297dd47ddd11102992b3ffbd265e53dc1a03d4dN
-
Size
81KB
-
Sample
240920-2p2rmasdmf
-
MD5
96699cd5d53e1d76ba7ca205d6ed3aa0
-
SHA1
2099c85e30679ea17854dba709f7144070485545
-
SHA256
215912576403a6d13ef0a92f7297dd47ddd11102992b3ffbd265e53dc1a03d4d
-
SHA512
cfed16023f49a5e05d208e42ec290f78fada55088eadc3a00a7b8f977d996ed9ed8f279195b360af3d8c0e58020eb2a4e465e54b40fd6b01fc94cf7cf82cf3cb
-
SSDEEP
1536:W7ZppApBULcfpHLcfpyDx7ZppApBULcfpHLcfpyDu:6pWpBwchcwDbpWpBwchcwDu
Malware Config
Targets
-
-
Target
215912576403a6d13ef0a92f7297dd47ddd11102992b3ffbd265e53dc1a03d4dN
-
Size
81KB
-
MD5
96699cd5d53e1d76ba7ca205d6ed3aa0
-
SHA1
2099c85e30679ea17854dba709f7144070485545
-
SHA256
215912576403a6d13ef0a92f7297dd47ddd11102992b3ffbd265e53dc1a03d4d
-
SHA512
cfed16023f49a5e05d208e42ec290f78fada55088eadc3a00a7b8f977d996ed9ed8f279195b360af3d8c0e58020eb2a4e465e54b40fd6b01fc94cf7cf82cf3cb
-
SSDEEP
1536:W7ZppApBULcfpHLcfpyDx7ZppApBULcfpHLcfpyDu:6pWpBwchcwDbpWpBwchcwDu
Score9/10-
Renames multiple (4345) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-