General
-
Target
fdef5d5b65f32f6dc538ce58f9a2a09af43d05e2ec94e2925a6a2d9b73aa3dd7
-
Size
120KB
-
Sample
241114-fatltayjhm
-
MD5
0d97ba622ccdec553460b0869c31ff7e
-
SHA1
6bb9b84f713a67c7a051116bf38901a4c0b1d213
-
SHA256
fdef5d5b65f32f6dc538ce58f9a2a09af43d05e2ec94e2925a6a2d9b73aa3dd7
-
SHA512
2c7378bb4c29ce30af963070a28558815c30c55b1473014a94ec1ebb3351e43ae1a3bd34c52ec8a29392c7fc4b4c0c7bf125b24941e0cbc35d6d73e0192f1dd6
-
SSDEEP
1536:W7ZhA7dAynMdyGdy7YRY1tvtv+I8K/XCKCGSqzVY:6e76ynluKtvtv+ufC58q
Static task
static1
Behavioral task
behavioral1
Sample
fdef5d5b65f32f6dc538ce58f9a2a09af43d05e2ec94e2925a6a2d9b73aa3dd7.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fdef5d5b65f32f6dc538ce58f9a2a09af43d05e2ec94e2925a6a2d9b73aa3dd7.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
fdef5d5b65f32f6dc538ce58f9a2a09af43d05e2ec94e2925a6a2d9b73aa3dd7
-
Score
9/10
-
Renames multiple (3438) files with added filename extension
This suggests ransomware activity, encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-