General
-
Target
0dc1b785fec39e687e8302a4a207dbcf1c50b8425ec64a10952e9df32372a306
-
Size
41KB
-
Sample
241112-ychansspgj
-
MD5
e6a4179e28b0033fa0b333cb8c8a7aca
-
SHA1
b9b56780963280cab00408672851623eb416acc1
-
SHA256
0dc1b785fec39e687e8302a4a207dbcf1c50b8425ec64a10952e9df32372a306
-
SHA512
7d55e3b92ea6ce7ff55eb2170323b2953290911f30cecda3b6433cf0032be73ccffd37602927a34d2242b9db8c57f21fa091076650acb1da12d0897f9631737a
-
SSDEEP
768:kBT37CPKKdJJcbQbf1Oti1JGBQOOiQJhATB+BT37CPKKdJJcbQbf1Oti1JGBQOOw:CTW7JJZENTBsTW7JJZENTBV
Behavioral task
behavioral1
Sample
0dc1b785fec39e687e8302a4a207dbcf1c50b8425ec64a10952e9df32372a306.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0dc1b785fec39e687e8302a4a207dbcf1c50b8425ec64a10952e9df32372a306.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
0dc1b785fec39e687e8302a4a207dbcf1c50b8425ec64a10952e9df32372a306
-
Score
9/10
-
Renames multiple (4112) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-