General
-
Target
492409a3672cf06cb52e5d8cf6d4a30b98ca4fa0fa00f01235584e2e4495ff53
-
Size
50KB
-
Sample
250519-s5jrba1jw4
-
MD5
627414752735d104a635176e57c8df85
-
SHA1
3c7f740cbd1afdab5a4f32c0346c1f85404abbb5
-
SHA256
492409a3672cf06cb52e5d8cf6d4a30b98ca4fa0fa00f01235584e2e4495ff53
-
SHA512
e2a552785afcbf04ea81b30209ab336f55ab06916ee8d9847eaec0b7b714c5fc3181bfb7ca6f845337278c05b50f2fe939b855e60f80499678786919bd727bc3
-
SSDEEP
768:uZ4FLz8ae+rOn8ae+rO2aZZ4FLz8ae+rOn8ae+rO2a9:uGIIVGIIp
Static task
static1
Behavioral task
behavioral1
Sample
492409a3672cf06cb52e5d8cf6d4a30b98ca4fa0fa00f01235584e2e4495ff53.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
492409a3672cf06cb52e5d8cf6d4a30b98ca4fa0fa00f01235584e2e4495ff53.exe
Resource
win11-20250502-en
Malware Config
Targets
-
Target
492409a3672cf06cb52e5d8cf6d4a30b98ca4fa0fa00f01235584e2e4495ff53
-
Score
9/10
-
Renames multiple (5234) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Drops file in System32 directory
-