Extracted

• • Target

    05e4f234a0f177949f375a56b1a875c9ca3d2bee97a2cb73fc2708914416c5a9.exe

  • Size

    142KB

  • MD5

    9adde343f1b073cd9bbb22c33d31ec4a

  • SHA1

    913b9b095c37f2e17f472b8df92224560f60773e

  • SHA256

    05e4f234a0f177949f375a56b1a875c9ca3d2bee97a2cb73fc2708914416c5a9

  • SHA512

    99c5f1ea0e3c0c76c9d01e66aa235e33c1ab44f8792b1c4dbd61cd3fcc7e6fe03660dedaf1b8f1f83411be389f4f35caf241c9e4452c3bd4fb240e22ffad3bbc

  • SSDEEP

    3072:dW+oVroeQqaWrBLv+KuzxLO6qdJs4knXwehzNHF60N:FoqfqBHOZOjkBJdN

  Score

  10^/10

  inc_ransomdiscoveryransomwarecredential_accessstealer

  • INC Ransomware

    INC Ransom is a ransomware that emerged in July 2023.

    ransomwareinc_ransom

  • Inc_ransom family

    inc_ransom

  • Renames multiple (350) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

  • Credentials from Password Stores: Windows Credential Manager

    Suspicious access to Credentials History.

    credential_accessstealer

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  • Drops file in System32 directory

  • Sets desktop wallpaper using registry

    ransomware
  behavioral1behavioral2