General
-
Target
7231914868efe6205dd1e12e58a17bad0c482468fce47c18c3ff16e39dba2cfb
-
Size
4.3MB
-
Sample
241101-ldqxzs1ker
-
MD5
bf063d9fda89348906086c3b8ec1a6b4
-
SHA1
df24129fa947d9fb34901f629e04ffa17065f053
-
SHA256
7231914868efe6205dd1e12e58a17bad0c482468fce47c18c3ff16e39dba2cfb
-
SHA512
fa7c707b1ab15280e618b72245e18f974ef20f5de88cc4af25354401ee27dc0c06ba90b1d8f50b0a8ee6ea92967cca98d8dc831e9ae7643199bb9cafe8456fa3
-
SSDEEP
24576:9jGt+gkE2fh4Coswkx2KdcPCl9AuDF5zUPGLG5SvAMZAMg9:9aUgkEaSPkx2KiPy9AuDzY
Malware Config
Targets
-
-
Target
7231914868efe6205dd1e12e58a17bad0c482468fce47c18c3ff16e39dba2cfb
-
Size
4.3MB
-
MD5
bf063d9fda89348906086c3b8ec1a6b4
-
SHA1
df24129fa947d9fb34901f629e04ffa17065f053
-
SHA256
7231914868efe6205dd1e12e58a17bad0c482468fce47c18c3ff16e39dba2cfb
-
SHA512
fa7c707b1ab15280e618b72245e18f974ef20f5de88cc4af25354401ee27dc0c06ba90b1d8f50b0a8ee6ea92967cca98d8dc831e9ae7643199bb9cafe8456fa3
-
SSDEEP
24576:9jGt+gkE2fh4Coswkx2KdcPCl9AuDF5zUPGLG5SvAMZAMg9:9aUgkEaSPkx2KiPy9AuDzY
Score9/10-
Renames multiple (316) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-