General
-
Target
2f823f8d90b8111c42438cf2ff131de94dc335a23247893c9a5cc30f5e6e1584N.exe
-
Size
4.2MB
-
Sample
241114-g4pqdsvkey
-
MD5
fd1836247c12599abb5424a181f4c5b0
-
SHA1
a74fba2cda7ed8bd5d003834653575d036796a24
-
SHA256
2f823f8d90b8111c42438cf2ff131de94dc335a23247893c9a5cc30f5e6e1584
-
SHA512
311cb9227e1150601b51d35ce525c5f8bd1756d1176e0113abf5b94b5ae72e4390669da9d48585b5aacbceb8739cca03c3ac9f44d71a8e2e46becda1be72076b
-
SSDEEP
49152:9AdqzBwFbfscEmKev3KcYq1r7RISY4+jfC09VbGR0T1c0tkAxT66LV8kq160E:eQB+o1c0tkStykq160E
Static task
static1
Behavioral task
behavioral1
Sample
2f823f8d90b8111c42438cf2ff131de94dc335a23247893c9a5cc30f5e6e1584N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2f823f8d90b8111c42438cf2ff131de94dc335a23247893c9a5cc30f5e6e1584N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
2f823f8d90b8111c42438cf2ff131de94dc335a23247893c9a5cc30f5e6e1584N.exe
-
Score
9/10
-
Renames multiple (316) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-