General
-
Target
5615d756293528cc62561f390a6ddaa71936d17ed035fb959aebaa958e29806cN
-
Size
2.1MB
-
Sample
241105-zvf11axqdv
-
MD5
7c7a55ebf7dbcaf2de5825b5e64ba4a0
-
SHA1
5495e0ade75fecc657f375fe3fca58cd24bd1965
-
SHA256
5615d756293528cc62561f390a6ddaa71936d17ed035fb959aebaa958e29806c
-
SHA512
29791d1c200f21c745a3c08113ffde8c2e57e0f084aaf14eb403b21de22fb3a7963d51bfbcabff610f5fd27fda5b195caa1b571668efa2ffa311330f4f60a4ff
-
SSDEEP
49152:9mHMJuQ9mhkjgMj7SwYfy3V8VD01yPiI4cCd2ilpXHJT8mpaZQUSNl9X6f4IeY0X:mK9X5Iddq41Lxry
Static task
static1
Behavioral task
behavioral1
Sample
5615d756293528cc62561f390a6ddaa71936d17ed035fb959aebaa958e29806cN.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
5615d756293528cc62561f390a6ddaa71936d17ed035fb959aebaa958e29806cN.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
5615d756293528cc62561f390a6ddaa71936d17ed035fb959aebaa958e29806cN
-
Score
9/10
-
Renames multiple (316) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-