General
-
Target: 32bit.exe
Size: 478KB
Sample: 250518-wh4dzsan5w
MD5: aa5dd9410506e0145e1bdc3698d88beb
SHA1: 7383b93d94c0ec1d710e46d60509ff6c5de36718
SHA256: 3032b026ebd192e9cd58bb98f963db4abce0ca9f6f245de1c0926ae5cb980bea
SHA512: 12b0bd916d997872c7264c141e252ed36fe6308ee1dd7f0a2f924265e16476b4eb970ec37ab90e81b19950d12a3e256ae8daff535d95f259b49d1dff9f400572
SSDEEP: 6144:9RkIWS45DS6Fa1Egqg3RK0e8D+lxO4Wj0/ShxlpW3YaCO/Vtr+i1PCKWQkGgCnld:9RkaK2jOXawPnSbjhxlMfp/vK4V5xh3
Static task: static1
Behavioral task: behavioral1
Sample: 32bit.exe
Resource: win10v2004-20250502-en
Malware Config
Targets
-
Renames multiple (20910) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Credentials from Password Stores: Windows Credential Manager
Suspicious access to Credentials History.
-
Drops startup file
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v16
Credential Access
Credentials from Password Stores: 2
Credentials from Web Browsers: 1
Windows Credential Manager: 1
Unsecured Credentials: 1
Credentials In Files: 1