General
-
Target
202f92992719881874a599d64517725cb25009d7991e3b06b62fe9a10bff0cf2
-
Size
228KB
-
Sample
241016-xvgw7a1bpm
-
MD5
79d128f40ed98b0858216347e81581c0
-
SHA1
94444c008ac3fc5d143f4d47c435a9417a274eff
-
SHA256
202f92992719881874a599d64517725cb25009d7991e3b06b62fe9a10bff0cf2
-
SHA512
734a748ab753bdf3f276e55b3f3803cd064121e7d75433535a082abfbe1899c0827c8b35aa6e021b883828c4b1bc2063d768d4450c9c67161c58a65c8d4c5e75
-
SSDEEP
3072:KQSodYeHNmkDxfIyKoIWbsHfySkT5GeCyi348oWGRPOzkjId6q8UdrSD+kCoIfLO:KQSodYeHNmB9KN4ShcHUaG
Behavioral task
behavioral1
Sample
202f92992719881874a599d64517725cb25009d7991e3b06b62fe9a10bff0cf2.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
202f92992719881874a599d64517725cb25009d7991e3b06b62fe9a10bff0cf2.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Score
9/10
-
Renames multiple (506) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-