General
-
Target
e41f3a84ac4bf6211fccaad1eb7802a04203659512299290568f242346e7fa95
-
Size
9.5MB
-
Sample
241114-d7a5matkcz
-
MD5
368fac6ce2973d7028f0a948b08a3890
-
SHA1
6049fd059b1fa9fffb23c8951bfb8735f22e4d5c
-
SHA256
e41f3a84ac4bf6211fccaad1eb7802a04203659512299290568f242346e7fa95
-
SHA512
ab1facd73610b68e56016430b91a2d000c5b54e07e4769d85518da5c78eeb037fc37b63a9eb31f2f5e0310698c959fc69d5d1b2b781cb29060557f556398646e
-
SSDEEP
196608:5h5ZujZZFpEgBDOZRHNrZ0WwPYwKmFSNse257H5jMe/NAWgd/i7D4/mO4y/i2GhB:53YOZzrJaSNsjMWgd/i7C/iHh4WxPf
Static task
static1
Behavioral task
behavioral1
Sample
e41f3a84ac4bf6211fccaad1eb7802a04203659512299290568f242346e7fa95.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e41f3a84ac4bf6211fccaad1eb7802a04203659512299290568f242346e7fa95.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
e41f3a84ac4bf6211fccaad1eb7802a04203659512299290568f242346e7fa95
Score
9/10
-
Renames multiple (317) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-