General
-
Target
d2908e71983ad027290e2c4a54def193cb9cb2feaf16d62d1153d670190a75f4N
-
Size
129KB
-
Sample
241002-12hc3szclp
-
MD5
46cb3c33be26c97c0a97bcddd694f0a0
-
SHA1
56d90101e5191ae9ca762c4cb8fcd7f49847f4b3
-
SHA256
d2908e71983ad027290e2c4a54def193cb9cb2feaf16d62d1153d670190a75f4
-
SHA512
f98696c64bb62161316cbeb5e497228841d72a26d3714524d88dbaf545e1586fb425ba7cd02b99ffc973f91c3000c96efbcdb6bf67e47a4dd871cb282705d91d
-
SSDEEP
1536:W7ZppApBULcfpHLcfpX2/Nw/Nwmxa7ZppApBULcfpHLcfpX2/Nw/NwmxEBn:6pWpBwchcV2WxepWpBwchcV2WxEBn
Malware Config
Targets
-
-
Target
d2908e71983ad027290e2c4a54def193cb9cb2feaf16d62d1153d670190a75f4N
-
Size
129KB
-
MD5
46cb3c33be26c97c0a97bcddd694f0a0
-
SHA1
56d90101e5191ae9ca762c4cb8fcd7f49847f4b3
-
SHA256
d2908e71983ad027290e2c4a54def193cb9cb2feaf16d62d1153d670190a75f4
-
SHA512
f98696c64bb62161316cbeb5e497228841d72a26d3714524d88dbaf545e1586fb425ba7cd02b99ffc973f91c3000c96efbcdb6bf67e47a4dd871cb282705d91d
-
SSDEEP
1536:W7ZppApBULcfpHLcfpX2/Nw/Nwmxa7ZppApBULcfpHLcfpX2/Nw/NwmxEBn:6pWpBwchcV2WxepWpBwchcV2WxEBn
Score9/10-
Renames multiple (3734) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-