General
-
Target
76f37775c0d1683e029d131526fcb9e9cf594f2e4908a2ec00920ee2583f04f7
-
Size
4.4MB
-
Sample
241120-aks55swcnf
-
MD5
dc9e939ee449d36161d925e7afb69370
-
SHA1
db34c1776b889984c34e037817ec64d827470a87
-
SHA256
76f37775c0d1683e029d131526fcb9e9cf594f2e4908a2ec00920ee2583f04f7
-
SHA512
df1e3c15afcdc177950d4c7cfe154e5521b456c6dffbf1d339b6eb21efb70604fbbc13997dfe1f19d98957b9b150545969aa29a21a93a47335e48d79fab62109
-
SSDEEP
49152:99KfuPS3ELNjV7FZxEfOfOgwf099cPy9AuDzY:8m9pZxwgbcPy9AuDzY
Malware Config
Targets
-
-
Target
76f37775c0d1683e029d131526fcb9e9cf594f2e4908a2ec00920ee2583f04f7
-
Size
4.4MB
-
MD5
dc9e939ee449d36161d925e7afb69370
-
SHA1
db34c1776b889984c34e037817ec64d827470a87
-
SHA256
76f37775c0d1683e029d131526fcb9e9cf594f2e4908a2ec00920ee2583f04f7
-
SHA512
df1e3c15afcdc177950d4c7cfe154e5521b456c6dffbf1d339b6eb21efb70604fbbc13997dfe1f19d98957b9b150545969aa29a21a93a47335e48d79fab62109
-
SSDEEP
49152:99KfuPS3ELNjV7FZxEfOfOgwf099cPy9AuDzY:8m9pZxwgbcPy9AuDzY
Score9/10-
Renames multiple (316) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-