General
-
Target
1cdaa3c87b640f749452205df24cd3b9338dbfac5a2c73a96ea20f41e9a799e0
-
Size
85KB
-
Sample
240922-mxh7xswaml
-
MD5
5d8487a7c2c353006ad40886b6cd41a0
-
SHA1
52fff7297a47cd9558f158117886236612c8be86
-
SHA256
1cdaa3c87b640f749452205df24cd3b9338dbfac5a2c73a96ea20f41e9a799e0
-
SHA512
fbe625a0c1d7b462f12b4d66acc52df622b3eb6293c549799b0daf95a907b0df292770d8456107a9b1cef5ff1434dde8659aa73715b9fc0cff0586b34e0ea8fc
-
SSDEEP
1536:Sw6ovd79W0/sZPQ0gSI84xvDiubx6xkccjIe8JH3zra33jLkDAu98KqLQU:ooF7MtZPQteulscjIeWODLkzvq/
Static task
static1
Behavioral task
behavioral1
Sample
56.exe
Resource
win7-20240708-en
Malware Config
Extracted
C:\Users\Public\YOUR_FILES_ARE_ENCRYPTED.TXT
http://golden5a4eqranh7.onion/tB1Yc3Ew
http://goldeny4vs3nyoht.onion/tB1Yc3Ew
Extracted
C:\Users\Public\YOUR_FILES_ARE_ENCRYPTED.TXT
http://golden5a4eqranh7.onion/xxPnrTJW
http://goldeny4vs3nyoht.onion/xxPnrTJW
Targets
-
-
Target
56
-
Size
147KB
-
MD5
691bc42ad3905fa13d1f088e1aaf07c8
-
SHA1
4747422f504a5b8638a53255905bc759316cdf45
-
SHA256
640d57062a58daf8cde747d115085e323923d5f297fe6e76960c0953a1c75139
-
SHA512
18ec42ef13042539460e20f339a0495c1d87ff3764476fd5dd53197788df4a233879a9c8f709a89915a0f9bca46a3af85cd7b0b7426c2f89620b10ffee506431
-
SSDEEP
3072:U9dUEfLpw3gCidSMFztbGw9Pz5DHrN+Ch:U9d/w3gN/pZH
-
Seon
The Seon Ransomware is an encryption ransomware Trojan first observed on November 14, 2018.
-
Renames multiple (243) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-