General
-
Target
95349c3b287038a3ed18948ef8011e49f8191c68f5aa4e3be9bed046378c3d01
-
Size
194KB
-
Sample
241018-bb7slszckl
-
MD5
41d5ecd091335a2e680364ed6d325b74
-
SHA1
4022a959aea988ef5a2071f4b558414870ee08e1
-
SHA256
95349c3b287038a3ed18948ef8011e49f8191c68f5aa4e3be9bed046378c3d01
-
SHA512
cf638d84ff15b8a3638431354a646e9a1f6144a8bd7aa73dca7ac90d975030f9f1101e4773afd588ed2bb49d320b582e2cf3c223cf1e4bd371879aa04747a47d
-
SSDEEP
3072:6pWpkuK4+bE1F4c2ypWpkuK4+bE1F4c2E:PCeFeHCeFeE
Static task
static1
Behavioral task
behavioral1
Sample
95349c3b287038a3ed18948ef8011e49f8191c68f5aa4e3be9bed046378c3d01.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
95349c3b287038a3ed18948ef8011e49f8191c68f5aa4e3be9bed046378c3d01.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
95349c3b287038a3ed18948ef8011e49f8191c68f5aa4e3be9bed046378c3d01
Score
9/10
-
Renames multiple (3872) files with added filename extension
This suggests ransomware activity, namely encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-