b2dbc0e4ec1be3a0ccf1e416032b2a28da7756ada51bfdb5b276742432ec53ab | Triage

Submit
Reports

Overview

overview

8

Static

static

Ranesomwar...in.exe

windows7_x64

8

Ranesomwar...in.exe

windows10_x64

8

Sharing

General

Target

Ranesomware_protected.bin.zip
Size

2.0MB
Sample

200903-lhrwvx9ksx
MD5

92d37ecb9bcf1be5277274d68c3ec29e
SHA1

a812801fc0efcb8759b9fce43fb96aeca0185968
SHA256

b2dbc0e4ec1be3a0ccf1e416032b2a28da7756ada51bfdb5b276742432ec53ab
SHA512

1f89acf5b9660c4c5863d454ff79b03b362b58a9c976c21394c82b34965488ceaac21634a847077ad8c83bb4063004e649ec318ea6286e2b637fcf40612f7a31

Score

8^/10

ransomware

Static task

static1

Behavioral task

behavioral1

Sample

Ranesomware_protected.bin.exe

Resource

win7v200722

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Ranesomware_protected.bin.exe

Resource

win10

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Ranesomware_protected.bin
- Size
  
  2.0MB
- MD5
  
  dc7018f6363337ca3f0bd43894ce6aa0
- SHA1
  
  72a3073a260bc768ffa1c22b447e0ba4a10a1f10
- SHA256
  
  70733389c89b4358f04575226a8ce60c4511018c98731a2ff7f556c29447e4a4
- SHA512
  
  50c8b2bbcea81f231ba8e6ae03360e7ee6555fc94ea27dbbeece74b4d516d030b7c37d05b9338910d558397707dab502bccb13bc4a538fc8a254576c69f33c07
Score

8^/10

ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy