General
-
Target
a0ea6d7a417223fc5890971871ab2e68de669a7e0b048ef624e817703f2acb45N
-
Size
78KB
-
Sample
241004-nxmqsascjj
-
MD5
bfc6114863faf563a6cb032e2a70dce0
-
SHA1
9f3204d9b003efc8d90320430d5d5129b4a0d209
-
SHA256
a0ea6d7a417223fc5890971871ab2e68de669a7e0b048ef624e817703f2acb45
-
SHA512
bcc3ff31f503c278a3ccef13638d67a46d98c36edda852756f01b95243e12ab2beca9b98c076d9f7b4c8389cb48dec017549adc19f8ad5d524979354770c1d5b
-
SSDEEP
384:yBs7Br5xjL8AgA71Fbhvx/5KBs7Br5xjL8AgA71Fbhvx/5l:/7BlpQpARFbhJ/17BlpQpARFbhJ//
Static task
static1
Behavioral task
behavioral1
Sample
a0ea6d7a417223fc5890971871ab2e68de669a7e0b048ef624e817703f2acb45N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
a0ea6d7a417223fc5890971871ab2e68de669a7e0b048ef624e817703f2acb45N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score
9/10
-
Renames multiple (4101) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-