General
Target: ea0164af4af1df272eb73bc76f968dd0c6db95e5dc5c4b19551edec65179376d
Size: 36KB
Sample: 250518-tfe79svlt6
MD5: 72e2079dd588613e330323a7a4bedfc5
SHA1: 84fe1e7492017ea8a1b1f3ea8c8f7d35b510538c
SHA256: ea0164af4af1df272eb73bc76f968dd0c6db95e5dc5c4b19551edec65179376d
SHA512: b3cacee21c0ca94dd4d2d7302fac32fa5b7c9c4487b5aa7240009f3fa326fe776a03d9ae73102c1eb4272d56665552556319a0873af1df965a7bc95bfecd1e9f
SSDEEP: 768:uZ4FLz8ae+rOn8ae+rObfLZ4FLz8ae+rOn8ae+rObfa:uGIIXGIIe
Static task: static1
Behavioral task: behavioral1
Sample: ea0164af4af1df272eb73bc76f968dd0c6db95e5dc5c4b19551edec65179376d.exe
Resource: win10v2004-20250502-en
Behavioral task: behavioral2
Sample: ea0164af4af1df272eb73bc76f968dd0c6db95e5dc5c4b19551edec65179376d.exe
Resource: win11-20250502-en
Malware Config
Targets
Score: 9/10

Renames multiple (5247) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.

Executes dropped EXE

Drops file in System32 directory