65a31cc335643e9c753b58bd7ac030f62033c1874c6f09e154e2be8a48a5f21a | Triage

Analysis

max time kernel
3s
max time network
8s
platform
windows7_x64
resource
win7v20201028
submitted
29/10/2020, 09:20

Sharing

Report Analysis Logs

General

Target

65a31cc335643e9c753b58bd7ac030f62033c1874c6f09e154e2be8a48a5f21a.bin.sample.exe
Size

2.1MB
MD5

1834cc461a22b869a4056a758a3d00ac
SHA1

5f9e4c868771b8897640ef973cc8a62c8a7705c0
SHA256

65a31cc335643e9c753b58bd7ac030f62033c1874c6f09e154e2be8a48a5f21a
SHA512

512620c4c081497e928556c638c72e12984b85e45419238e5c6bcc96dd10da3b63edc048731b926e716bff3db0c2b9335c95612fc2ec00c48db595c4a3f1b92d

Score

8^/10

ransomware

Malware Config

Signatures

Modifies extensions of user files 5 IoCs

Ransomware generally changes the extension on encrypted files.

description	ioc	Process
File created	C:\Users\Admin\Pictures\PushRedo.tiff.SNPDRGN	65a31cc335643e9c753b58bd7ac030f62033c1874c6f09e154e2be8a48a5f21a.bin.sample.exe
File created	C:\Users\Admin\Pictures\SuspendFormat.crw.SNPDRGN	65a31cc335643e9c753b58bd7ac030f62033c1874c6f09e154e2be8a48a5f21a.bin.sample.exe
File created	C:\Users\Admin\Pictures\UnlockUnprotect.tiff.SNPDRGN	65a31cc335643e9c753b58bd7ac030f62033c1874c6f09e154e2be8a48a5f21a.bin.sample.exe
File created	C:\Users\Admin\Pictures\GetCheckpoint.tif.SNPDRGN	65a31cc335643e9c753b58bd7ac030f62033c1874c6f09e154e2be8a48a5f21a.bin.sample.exe
File created	C:\Users\Admin\Pictures\OptimizeRegister.raw.SNPDRGN	65a31cc335643e9c753b58bd7ac030f62033c1874c6f09e154e2be8a48a5f21a.bin.sample.exe

C:\Users\Admin\AppData\Local\Temp\65a31cc335643e9c753b58bd7ac030f62033c1874c6f09e154e2be8a48a5f21a.bin.sample.exe
"C:\Users\Admin\AppData\Local\Temp\65a31cc335643e9c753b58bd7ac030f62033c1874c6f09e154e2be8a48a5f21a.bin.sample.exe"
1⤵
- Modifies extensions of user files
PID:1700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1700-0-0x0000000000400000-0x0000000000638000-memory.dmp

Filesize
2.2MB

Download