General
-
Target
1148a0ff2fe3378dd9d90ffe86948b011f89ce3b0b3bedadf803346b8f399e80
-
Size
977KB
-
Sample
241105-yjv54sxckg
-
MD5
e7b4a7960fdd81a24b636209de6598b9
-
SHA1
70c80a318b993e8fdd339accc8dab26ea766c6f3
-
SHA256
1148a0ff2fe3378dd9d90ffe86948b011f89ce3b0b3bedadf803346b8f399e80
-
SHA512
b721c4ff7e40c563ba6beecdd8d51c4ab9daeaa81a0f4e8d6851ad7c251e7e120ed7a6095cac8eb3ea1dac133a917d69823b4cdcdfaae0db61557eadad06ff4a
-
SSDEEP
12288:9j9uzymHejP7y8H+RNUDDvRP77+7qB3DWKtsm45Y:9j9QYT/eR0u7C3D1tT45Y
Static task
static1
Behavioral task
behavioral1
Sample
1148a0ff2fe3378dd9d90ffe86948b011f89ce3b0b3bedadf803346b8f399e80.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
1148a0ff2fe3378dd9d90ffe86948b011f89ce3b0b3bedadf803346b8f399e80.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
1148a0ff2fe3378dd9d90ffe86948b011f89ce3b0b3bedadf803346b8f399e80
-
Score
9/10
-
Renames multiple (317) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-