General
-
Target
d4d259bff9074baea7c00ae06870463b01873ef2c0bc034aab37274c58ccf8b8N
-
Size
87KB
-
Sample
241017-2x23cs1fra
-
MD5
ac5dde6178c42e50fe58374997a48d00
-
SHA1
0d65c165f79aa6a386b10239b0c8240f3157c310
-
SHA256
d4d259bff9074baea7c00ae06870463b01873ef2c0bc034aab37274c58ccf8b8
-
SHA512
387c32be1933c6fd506309744e8b3fdf14813b3203a37aa772c37eaa50edbd1900cd36b9e0383d95706f56c6ca8b9685efd112c8b927c90a811c256ddbf0bd44
-
SSDEEP
1536:CTW7JJ7TPUnWEUT2UTvTW7JJ7TPUnWEUT2UTZKo:hzUFUT2UT4zUFUT2UTZKo
Behavioral task
behavioral1
Sample
d4d259bff9074baea7c00ae06870463b01873ef2c0bc034aab37274c58ccf8b8N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
d4d259bff9074baea7c00ae06870463b01873ef2c0bc034aab37274c58ccf8b8N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
d4d259bff9074baea7c00ae06870463b01873ef2c0bc034aab37274c58ccf8b8N
-
Size
87KB
-
MD5
ac5dde6178c42e50fe58374997a48d00
-
SHA1
0d65c165f79aa6a386b10239b0c8240f3157c310
-
SHA256
d4d259bff9074baea7c00ae06870463b01873ef2c0bc034aab37274c58ccf8b8
-
SHA512
387c32be1933c6fd506309744e8b3fdf14813b3203a37aa772c37eaa50edbd1900cd36b9e0383d95706f56c6ca8b9685efd112c8b927c90a811c256ddbf0bd44
-
SSDEEP
1536:CTW7JJ7TPUnWEUT2UTvTW7JJ7TPUnWEUT2UTZKo:hzUFUT2UT4zUFUT2UTZKo
Score9/10-
Renames multiple (4412) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-