General
-
Target
f1ea63a74423e22c9cc4420ff07305c8f9a26408ddf4c3e2dd12772057202d23
-
Size
156KB
-
Sample
250519-v98bkscl2s
-
MD5
b8a475251ddc1a00b3a426e6946c4485
-
SHA1
f43991636722f1078a2d0181ac990ab9d3b20c19
-
SHA256
f1ea63a74423e22c9cc4420ff07305c8f9a26408ddf4c3e2dd12772057202d23
-
SHA512
0267c740ebd440d3744ad35cd097bacf1d6133219b133c287d5b0d8f2175e9f92e90c04c435dad5f04b18dccdc71cbffd33d437dd5e65fc1330a4ebed4ea434b
-
SSDEEP
3072:/WTSIoXkZA/gwjHnrhtVufJO05m4uvHwog8yT5Fog:/WTSIoXNHnr1GJOl4uvjgddFT
Static task
static1
Behavioral task
behavioral1
Sample
f1ea63a74423e22c9cc4420ff07305c8f9a26408ddf4c3e2dd12772057202d23.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
Target
f1ea63a74423e22c9cc4420ff07305c8f9a26408ddf4c3e2dd12772057202d23
-
Score
9/10
-
Renames multiple (5343) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-
Executes dropped EXE
-
Drops file in System32 directory
-