General
-
Target
48630e76e438952a2030f1db408993e088839a801243b5d42e559afda4189f33.exe
-
Size
9.0MB
-
Sample
241006-jwjkhswbln
-
MD5
889e6365d82a9a89b6c8c86d672b8f0c
-
SHA1
59e293623e4fb828a29fb982d5ac9a4f993abc3b
-
SHA256
48630e76e438952a2030f1db408993e088839a801243b5d42e559afda4189f33
-
SHA512
cae479080f68f4f935a0694a5f948675c5c4be1a5dbcf437512af7f0ca801a129313daf915cefecbb62484b90c0579d1e50c9c4951bcc84dcdf5c814a8b231c0
-
SSDEEP
24576:i09gMRNaC6s6Hp15O3N22845VjpQaRdQtzHmhwFb+a:nWAd6sQp15/VgV9RdQxHmhwFb+
Static task
static1
Behavioral task
behavioral1
Sample
48630e76e438952a2030f1db408993e088839a801243b5d42e559afda4189f33.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
48630e76e438952a2030f1db408993e088839a801243b5d42e559afda4189f33.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
48630e76e438952a2030f1db408993e088839a801243b5d42e559afda4189f33.exe
-
Size
9.0MB
-
MD5
889e6365d82a9a89b6c8c86d672b8f0c
-
SHA1
59e293623e4fb828a29fb982d5ac9a4f993abc3b
-
SHA256
48630e76e438952a2030f1db408993e088839a801243b5d42e559afda4189f33
-
SHA512
cae479080f68f4f935a0694a5f948675c5c4be1a5dbcf437512af7f0ca801a129313daf915cefecbb62484b90c0579d1e50c9c4951bcc84dcdf5c814a8b231c0
-
SSDEEP
24576:i09gMRNaC6s6Hp15O3N22845VjpQaRdQtzHmhwFb+a:nWAd6sQp15/VgV9RdQxHmhwFb+
Score10/10-
Renames multiple (194) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops startup file
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Sets desktop wallpaper using registry
-