General
-
Target
fafbbd27f5ff67b77105397e1f33e974a296e67f23d0659cb947aec409d506ae
-
Size
142KB
-
Sample
240701-fhxcnswhpe
-
MD5
e586b5ff901ff521eff048204b1974a9
-
SHA1
84f2ca0eca361c9553e471861a29832f2a7bbe2e
-
SHA256
fafbbd27f5ff67b77105397e1f33e974a296e67f23d0659cb947aec409d506ae
-
SHA512
2b1eec8efd076f02b5b227c03e1a4cf59be4c912ec1cc246eb26b25bd9304a4ad507791fa06e0e26c3ee06cc1dee6e03243ecad2faac987ca265f1c6ffd7a024
-
SSDEEP
1536:a7ZyqaFAxTWH1++PJHJXA/OsIZfzc3/Q8Q8/8fCe7ZyqaFAxTWH1++PJHJXA/OsR:enaypQSoskdnaypQSoskQ
Behavioral task
behavioral1
Sample
fafbbd27f5ff67b77105397e1f33e974a296e67f23d0659cb947aec409d506ae.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
fafbbd27f5ff67b77105397e1f33e974a296e67f23d0659cb947aec409d506ae.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
fafbbd27f5ff67b77105397e1f33e974a296e67f23d0659cb947aec409d506ae
-
Size
142KB
-
MD5
e586b5ff901ff521eff048204b1974a9
-
SHA1
84f2ca0eca361c9553e471861a29832f2a7bbe2e
-
SHA256
fafbbd27f5ff67b77105397e1f33e974a296e67f23d0659cb947aec409d506ae
-
SHA512
2b1eec8efd076f02b5b227c03e1a4cf59be4c912ec1cc246eb26b25bd9304a4ad507791fa06e0e26c3ee06cc1dee6e03243ecad2faac987ca265f1c6ffd7a024
-
SSDEEP
1536:a7ZyqaFAxTWH1++PJHJXA/OsIZfzc3/Q8Q8/8fCe7ZyqaFAxTWH1++PJHJXA/OsR:enaypQSoskdnaypQSoskQ
Score9/10-
Renames multiple (3615) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
UPX dump on OEP (original entry point)
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-