General
Target: 64bit.exe
Size: 501KB
Sample: 250518-wcxz1sam8w
MD5: d7f5e0d6c741324ad30dcd682e20715f
SHA1: e4a4a6b0124b7401d533e693a0b887e6c94c6356
SHA256: 5926b866a03eeb02257933c50ef6f2f73db4691c2b1d550f40391b036010916f
SHA512: 872883ec0fb0819105d44ccc0140adbfb3c85e7326ab099ff503872947e65f3f92a27daef3d084523efd138802b261d3d06f2cce4b5284d2249c324b5d56ff90
SSDEEP: 6144:zIEXmAeS+xKnkf2Ru52tKVueiEwHyLiv9U4TS629ZSTx+gmogOKsZetNDV/z5inK:zjWKfkuI80O4uFjJTEnBT+tI
Static task: static1
Behavioral task: behavioral1
Sample: 64bit.exe
Resource: win10v2004-20250502-en
Malware Config
Targets
-
Renames multiple (25661) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Credentials from Password Stores: Windows Credential Manager
Suspicious access to Credentials History.
-
Drops startup file
-
Drops file in System32 directory
-