General
-
Target
d6e6051b21cd21718e37cf4667a8c5b201a3f7afe5c920098511711a19825546N
-
Size
2.2MB
-
Sample
241105-s2hpvasre1
-
MD5
1b4cd362a679f6c44502433191aa8820
-
SHA1
aed0eed9aad40db0ea39e72ae4b30f344a87861f
-
SHA256
d6e6051b21cd21718e37cf4667a8c5b201a3f7afe5c920098511711a19825546
-
SHA512
78972ed1a717a0fadac0e8d983b23917e795bcdc399a77e9db3fca13473a442d6e779940010898ebb2299f6b8d8a0dc610531b0ca969bf6e2e36f2f2cc8cae5c
-
SSDEEP
24576:9ji4pgkE2fh4Co5JG2W14MGwAvcrCVcPM9W4OnkSCIpUlZXUbOpz:9GmgkEaSTJG2W9ecXpUlZX3pz
Static task
static1
Behavioral task
behavioral1
Sample
d6e6051b21cd21718e37cf4667a8c5b201a3f7afe5c920098511711a19825546N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d6e6051b21cd21718e37cf4667a8c5b201a3f7afe5c920098511711a19825546N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
d6e6051b21cd21718e37cf4667a8c5b201a3f7afe5c920098511711a19825546N
-
Score
9/10
-
Renames multiple (316) files with added filename extension
This suggests ransomware activity, namely encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-