General
-
Target
f1a47b64d55be8af465cb9614833cd4d85698bc8186cf00143133147ce822a27N
-
Size
2.1MB
-
Sample
241019-2zg5zavajd
-
MD5
9ef05474963ac2163b3fd86c64ed7110
-
SHA1
47d25c1e8ede2fb2cc7c88e5d22182969aedc58a
-
SHA256
f1a47b64d55be8af465cb9614833cd4d85698bc8186cf00143133147ce822a27
-
SHA512
31da3f6f48a5434abdc530bcc2c20b1f62784c48a0a075fb51bd4bc6f73e5e6feaca690fe3bbabf8d3627c59fcefcbaa209f24a1aecc205b5b91e922c44b4427
-
SSDEEP
49152:9mHMJuQ9mhkjgMj7SwYfy3V8VD01yPiI4cCd2ilpXHJT8mpaZQWnqqr9wJI6S7RW:Anq29lFHon9X5Iddq41Lxry
Static task
static1
Behavioral task
behavioral1
Sample
f1a47b64d55be8af465cb9614833cd4d85698bc8186cf00143133147ce822a27N.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
f1a47b64d55be8af465cb9614833cd4d85698bc8186cf00143133147ce822a27N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
f1a47b64d55be8af465cb9614833cd4d85698bc8186cf00143133147ce822a27N
Score
9/10
-
Renames multiple (316) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-