General
-
Target
c761ce1aa2524b93bbf834c8acb614300825a9e04f480f0c3238bf01414bbc28N
-
Size
2.1MB
-
Sample
241105-rd746avmer
-
MD5
472892f49a71079ff681d14894bbe240
-
SHA1
f23c5f31316884602bb42f4f863fae648b3931ad
-
SHA256
c761ce1aa2524b93bbf834c8acb614300825a9e04f480f0c3238bf01414bbc28
-
SHA512
accde89c24c78fcb53e860379b05a9ad7971345f659d674e941612ddacd22c4c2d6ebd6eea70ac7a585b5e9be0c75bf3a2975d928e326451c422092fac61c767
-
SSDEEP
49152:9jHmRehwPofNSNl9X6f4IeY0+h1s410I1xIdcxyNt:tHmRNYK9X5Iddq41Lxry
Static task
static1
Behavioral task
behavioral1
Sample
c761ce1aa2524b93bbf834c8acb614300825a9e04f480f0c3238bf01414bbc28N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
c761ce1aa2524b93bbf834c8acb614300825a9e04f480f0c3238bf01414bbc28N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
c761ce1aa2524b93bbf834c8acb614300825a9e04f480f0c3238bf01414bbc28N
Score
9/10
-
Renames multiple (316) files with added filename extension
This suggests ransomware activity: encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-