General
-
Target
3dbd1ca6f8047c98e622e357813b9f2b76f606703ab0da2524a432d905df7b9c
-
Size
683KB
-
Sample
241002-yl7a6atdqm
-
MD5
302355223951058450ea23d85512b84d
-
SHA1
6bc5d29f43d2e242d81492cc03976eb9f2b87eb0
-
SHA256
3dbd1ca6f8047c98e622e357813b9f2b76f606703ab0da2524a432d905df7b9c
-
SHA512
4f83182f477f42ac35ba990d73a2ff2064e98a3b0352f2e5d735552294abe2e72f0793de8bcecd0521584a95a088caa8a96e798282283232d5e2130d219e03cd
-
SSDEEP
12288:aeFID53KoNw+bCUKklI9ufQ2XqJmrsZq4ZiohfzFq69:aR95Nw+bJ3lI9uB/48Ub9
Malware Config
Targets
-
-
Target
3dbd1ca6f8047c98e622e357813b9f2b76f606703ab0da2524a432d905df7b9c
-
Size
683KB
-
MD5
302355223951058450ea23d85512b84d
-
SHA1
6bc5d29f43d2e242d81492cc03976eb9f2b87eb0
-
SHA256
3dbd1ca6f8047c98e622e357813b9f2b76f606703ab0da2524a432d905df7b9c
-
SHA512
4f83182f477f42ac35ba990d73a2ff2064e98a3b0352f2e5d735552294abe2e72f0793de8bcecd0521584a95a088caa8a96e798282283232d5e2130d219e03cd
-
SSDEEP
12288:aeFID53KoNw+bCUKklI9ufQ2XqJmrsZq4ZiohfzFq69:aR95Nw+bJ3lI9uB/48Ub9
Score9/10-
Renames multiple (600) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-