General
Target
dfba8338c3941517c1272ee379e101124dbed47a714c4797335e985ba756113bN
Size
152KB
Sample
241020-apnq8axhjc
MD5
390a91afaa4c27ea3317933a79b9ae50
SHA1
49748a8c0b7f93c7a8433ac7d43bdf56d568cf3f
SHA256
dfba8338c3941517c1272ee379e101124dbed47a714c4797335e985ba756113b
SHA512
feb6c693b8c0a288a2e23c9784c8209c86583cf086c1230e29e57c378703dcdfb14e7fbbbbcfefb0f0e86f7a782df8335d9974fa0b2c8f7689c571230d27475a
SSDEEP
3072:9QWp4z1QWp4z7EhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFst:LaI
Static task
static1
Behavioral task
behavioral1
Sample
dfba8338c3941517c1272ee379e101124dbed47a714c4797335e985ba756113bN.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
dfba8338c3941517c1272ee379e101124dbed47a714c4797335e985ba756113bN.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
dfba8338c3941517c1272ee379e101124dbed47a714c4797335e985ba756113bN
Score
9/10
Renames multiple (4154) files with added filename extension
This suggests ransomware activity: encrypting all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory