General
-
Target
c1c3330159abe28bce7e3baca6994a82aa917c3581e77a002a8c087c9e1a8cea
-
Size
83KB
-
Sample
240701-cre8zatamg
-
MD5
7cf549d9fff1643e96508a8b0cac068d
-
SHA1
1ae3edbbbebf31ac889cece6e60924d5d5cfb0f6
-
SHA256
c1c3330159abe28bce7e3baca6994a82aa917c3581e77a002a8c087c9e1a8cea
-
SHA512
d8c6e870e616e7f8f4a36b06987d37b204645c9fca275ea08547c22cc80610abfb34d2ea3113d62505289e29482bff5e558a0ca183f27f551996c70946889058
-
SSDEEP
768:W7BlpppARFbhMK4og7BlpppARFbhMK4ov:W7ZppApMK4og7ZppApMK4ov
Static task
static1
Behavioral task
behavioral1
Sample
c1c3330159abe28bce7e3baca6994a82aa917c3581e77a002a8c087c9e1a8cea.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
c1c3330159abe28bce7e3baca6994a82aa917c3581e77a002a8c087c9e1a8cea.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
c1c3330159abe28bce7e3baca6994a82aa917c3581e77a002a8c087c9e1a8cea
Score
9/10
-
Renames multiple (4444) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-