General
-
Target
e6968939d7866526c8f2f891a48256f820a9e02ced58ab2b370e11d5a256872bN
-
Size
69KB
-
Sample
241005-zxyzlasfrm
-
MD5
7caed4ba676b1b6ba581c0d68ccc1b40
-
SHA1
652bb85d6725cf984a13457c4480440d57b1c368
-
SHA256
e6968939d7866526c8f2f891a48256f820a9e02ced58ab2b370e11d5a256872b
-
SHA512
e91909a6c471b9ded4a970d61b4aa791ba1edd3658e19e7e1a1b79822fc225f2285aef181eafda6375a3724e7cee66b51166c6bc0e0f773dafac2c81cf84c742
-
SSDEEP
1536:CTW7JJZENTBHfiPjTW7JJZENTBHfiP8Y9Yu:htErtEPY7
Behavioral task
behavioral1
Sample
e6968939d7866526c8f2f891a48256f820a9e02ced58ab2b370e11d5a256872bN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e6968939d7866526c8f2f891a48256f820a9e02ced58ab2b370e11d5a256872bN.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score
9/10
-
Renames multiple (3501) files with added filename extension
This suggests ransomware activity: encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-