General
Target: dcfa8498eb67f39f7c0d3688ecfeb16f13e221a39048a859273a92cbb49ce1c1
Size: 166KB
Sample: 241112-ej8awstkhw
MD5: cb5fb95befafcdd3e890f506f9b140f7
SHA1: bcec64e4d8668c3ed98b1f79f017fbee0a7cdbe7
SHA256: dcfa8498eb67f39f7c0d3688ecfeb16f13e221a39048a859273a92cbb49ce1c1
SHA512: 5c1b07bb8198e6b6c06bbc2b9f699af8907e3144b7b64d551d94e8025ac61b8a95847f5f0aafd3e89bba9bc24af122100072ddd6a6a70b8c926f7daa61a3587c
SSDEEP: 1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8zxk7Zf/FAxTWY1++PJHJXA/OsIZfzc3i:fnyiQSo1nyiQSo9
Behavioral task: behavioral1
Sample: dcfa8498eb67f39f7c0d3688ecfeb16f13e221a39048a859273a92cbb49ce1c1.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: dcfa8498eb67f39f7c0d3688ecfeb16f13e221a39048a859273a92cbb49ce1c1.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: dcfa8498eb67f39f7c0d3688ecfeb16f13e221a39048a859273a92cbb49ce1c1
Score: 9/10
Renames multiple (3618) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory