General
-
Target
8dc3389d37519b24aef2bcf2a15530ea1b13ff4b98228967c9876835bdb99a01.bin
-
Size
1.2MB
-
Sample
201021-8p9xns99lx
-
MD5
7e34c5bd27f25a1e1d47a27702708e28
-
SHA1
fb65ea1cc1d81a17effe16ecd2d10f34975a67d8
-
SHA256
8dc3389d37519b24aef2bcf2a15530ea1b13ff4b98228967c9876835bdb99a01
-
SHA512
2b4099e3f15dfd6414c812e87c5f8cfd1926234012e6c67e71433bc4bed7c823ca6d19f8bb927d16ee8e32859b663a9cbccc890eedb3cdaebb8ec2c04784114f
Static task
static1
Behavioral task
behavioral1
Sample
8dc3389d37519b24aef2bcf2a15530ea1b13ff4b98228967c9876835bdb99a01.bin.exe
Resource
win7
Behavioral task
behavioral2
Sample
8dc3389d37519b24aef2bcf2a15530ea1b13ff4b98228967c9876835bdb99a01.bin.exe
Resource
win10v200722
Malware Config
Targets
-
Target
8dc3389d37519b24aef2bcf2a15530ea1b13ff4b98228967c9876835bdb99a01.bin
-
Score
9/10
-
Executes dropped EXE
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Possible privilege escalation attempt
-
Deletes itself
-
Loads dropped DLL
-
Modifies file permissions
-
Drops file in System32 directory
-
Modifies service
-