General
-
Target
02771f895c24cbd304e5a5cdb339127cd4aeae72040d3e72dd67cf94e54b40b3
-
Size
41KB
-
Sample
241112-xt3r9sslek
-
MD5
86adce41798b759c4214967143bdf35b
-
SHA1
42081cae9a84ff81829889ff1c6cd40b2d9818d9
-
SHA256
02771f895c24cbd304e5a5cdb339127cd4aeae72040d3e72dd67cf94e54b40b3
-
SHA512
e35abfcb2e9b2bf965764c76a4f2e4faa971badcb7260a7a9e2ca104e38a882fd3ba1c3692dd26b0d7fb910c5f97e60f076d0379d0d6eeb42dae94e0650d4793
-
SSDEEP
768:kBT37CPKKdJJcbQbf1Oti1JGBQOOiQJhATBVBT37CPKKdJJcbQbf1Oti1JGBQOOI:CTW7JJZENTBnTW7JJZENTBJ
Behavioral task
behavioral1
Sample
02771f895c24cbd304e5a5cdb339127cd4aeae72040d3e72dd67cf94e54b40b3.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
02771f895c24cbd304e5a5cdb339127cd4aeae72040d3e72dd67cf94e54b40b3.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
02771f895c24cbd304e5a5cdb339127cd4aeae72040d3e72dd67cf94e54b40b3
-
Score
9/10
-
Renames multiple (4372) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-