General
-
Target
deus.exe
-
Size
28.9MB
-
Sample
241115-mrazcswqbk
-
MD5
ea203c5b6bcbfe8feeaad684828885c1
-
SHA1
aefe4e14ff3b3b14f233fd27400c512ae953f30d
-
SHA256
6d57fb60c5269ba3998951103e097f597d97caba5e573c680243a1d60d23acb6
-
SHA512
c01afb7d4a0abb70d450f753a844dee2eba5d68db9b7132e989d31a7d1c09db1d485867fe58a8a8e9026916f1876beabd42b7617d2fe44192c1dc028d91e9c95
-
SSDEEP
786432:w5STYxW81+3hrsXMb8kxBZkxpQgR+yhOj/6+3ao:wTxW93hrscr3yxp/R+ysvao
Behavioral task
behavioral1
Sample
deus.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
deus.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
deus.exe
Score
9/10
-
Renames multiple (61) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Sets desktop wallpaper using registry
-