General
-
Target
6ff1bdcb65d7a4db76cc0e7be74d1d29f4e4e5b061f18c970bc260b193159b06
-
Size
36KB
-
Sample
250515-meyvnaek8t
-
MD5
20ec30b6afaecc7394752c143c4bc402
-
SHA1
96b4781f11399092b46fb0322c5382ae70b701df
-
SHA256
6ff1bdcb65d7a4db76cc0e7be74d1d29f4e4e5b061f18c970bc260b193159b06
-
SHA512
7c9dde450e0d55957807cd3936bf0cfa55bf80e4b89d952e194f178834fe57bb2bd4f2eb4b11436f3cbfbc426575313eeef19c84bf8997275201b8160630a210
-
SSDEEP
768:uZ4FLz8ae+rOn8ae+rOCZ4FLz8ae+rOn8ae+rOz8/8d3zJ:uGIICGIIx3t
Static task
static1
Behavioral task
behavioral1
Sample
6ff1bdcb65d7a4db76cc0e7be74d1d29f4e4e5b061f18c970bc260b193159b06.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
Score
9/10
-
Renames multiple (5080) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Drops file in System32 directory
-