General
-
Target
c9cc2f7ebb277079e62733c0c4fc6d9e781a6656c7f6c787d5c6da3e6dae4754
-
Size
163KB
-
Sample
240701-c58gnsxbqj
-
MD5
cce5b9a343ce65891f1e43e35d9c0f3b
-
SHA1
b73ce5b9d158fe5c262e6148b9dd0d6307a4c932
-
SHA256
c9cc2f7ebb277079e62733c0c4fc6d9e781a6656c7f6c787d5c6da3e6dae4754
-
SHA512
820ad9e30fadf5d2efe5fc6249352365d6ff02ad397e305e95fd7bc83c4f8ec59bd673845e91e2ccfe6537da6ef54fe0e5931ca43a2018b705640edea73cb2e8
-
SSDEEP
1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8zxFy5gfcL5y5gfcLcwB7Zf/FAxTWY1+q:fnyiQSoXqeaqennyiQSoXqeaqee
Behavioral task
behavioral1
Sample
c9cc2f7ebb277079e62733c0c4fc6d9e781a6656c7f6c787d5c6da3e6dae4754.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
c9cc2f7ebb277079e62733c0c4fc6d9e781a6656c7f6c787d5c6da3e6dae4754.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
Target
c9cc2f7ebb277079e62733c0c4fc6d9e781a6656c7f6c787d5c6da3e6dae4754
Score 9/10
Renames multiple (3229) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
UPX dump on OEP (original entry point)
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-