General
-
Target
130d4473ed05d2883485347b31b705964c5491188a55b72009e79b79fa5aef2a.exe
-
Size
824KB
-
Sample
241120-wkjscsvngp
-
MD5
fb906c89a44c72dbc6defbdf256a55d1
-
SHA1
f79e9fb74936be290c4dfc1bc94b8dbad2ab5098
-
SHA256
130d4473ed05d2883485347b31b705964c5491188a55b72009e79b79fa5aef2a
-
SHA512
c2d5edd86a3cd84609d65f2a26297e920b4ddc556bb5673d3b4f0e9cf4293433731b210210462b1f2e194af6de087792a5c2921833e53f823e3ddf9971129e33
-
SSDEEP
12288:ZwCBtLC+EptUpQ9SeSChq3YvxFBSSRMT8PTp4ihozEtg888888888888W888888E:NNzCtUpQ9WWPBSSRMTEpXNY
Behavioral task
behavioral1
Sample
130d4473ed05d2883485347b31b705964c5491188a55b72009e79b79fa5aef2a.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
130d4473ed05d2883485347b31b705964c5491188a55b72009e79b79fa5aef2a.exe
-
Size
824KB
-
MD5
fb906c89a44c72dbc6defbdf256a55d1
-
SHA1
f79e9fb74936be290c4dfc1bc94b8dbad2ab5098
-
SHA256
130d4473ed05d2883485347b31b705964c5491188a55b72009e79b79fa5aef2a
-
SHA512
c2d5edd86a3cd84609d65f2a26297e920b4ddc556bb5673d3b4f0e9cf4293433731b210210462b1f2e194af6de087792a5c2921833e53f823e3ddf9971129e33
-
SSDEEP
12288:ZwCBtLC+EptUpQ9SeSChq3YvxFBSSRMT8PTp4ihozEtg888888888888W888888E:NNzCtUpQ9WWPBSSRMTEpXNY
-
Detects Renamer worm.
Renamer aka Grename is worm written in Delphi.
-
Renamer family
-
Drops startup file
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-