General
-
Target
7ba9adc6a0d487a4748d1a1474b07d359f4695d41841dfc920ff4eada910d797.exe
-
Size
79KB
-
Sample
250205-n471asvqcz
-
MD5
0ebc107a0fb56d77759a635e9d043228
-
SHA1
ec7a1e7132f5c3140ff06c542782388576a128f8
-
SHA256
7ba9adc6a0d487a4748d1a1474b07d359f4695d41841dfc920ff4eada910d797
-
SHA512
794eda52f2ff8b10518f59963ce6018b1b954a65bbe662d1b5db761f1ec9828cbdbcdff079fb39f08cf2ae151cdb3cc90c422501ace427637d20f502bffab9fe
-
SSDEEP
1536:/tUknV9M6+ygXCNoNGtmFWZPhV8owtnMQPo9NSw249gdhwA2jeddMB:fCygXkoNGtmQZ5wbAzSm9gdhj2a6B
Static task
static1
Behavioral task
behavioral1
Sample
7ba9adc6a0d487a4748d1a1474b07d359f4695d41841dfc920ff4eada910d797.exe
Resource
win7-20241010-en
Malware Config
Extracted
C:\Users\Public\YOUR_FILES_ARE_ENCRYPTED.TXT
http://golden5a4eqranh7.onion/x4UXrJWs
http://goldeny4vs3nyoht.onion/x4UXrJWs
Extracted
C:\Users\Public\YOUR_FILES_ARE_ENCRYPTED.TXT
http://golden5a4eqranh7.onion/wm9hbfMQ
http://goldeny4vs3nyoht.onion/wm9hbfMQ
Targets
-
-
Target
7ba9adc6a0d487a4748d1a1474b07d359f4695d41841dfc920ff4eada910d797.exe
-
Seon
The Seon Ransomware is an encryption ransomware Trojan first observed on November 14, 2018.
-
Seon family
-
Renames multiple (235) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-