General
-
Target
ec9b412e9a6e0da1a21c01158c4c8313b61b033f58d16d913d72229794069d18.bin
-
Size
58KB
-
Sample
201103-t4vlwvz2pe
-
MD5
69b2e5d45b9eb9b7d342f6f580dd6ba8
-
SHA1
6005c62f68ab4541e4d285d5e20877904b08fc48
-
SHA256
ec9b412e9a6e0da1a21c01158c4c8313b61b033f58d16d913d72229794069d18
-
SHA512
511d47ebbc55fa612ef8755446b835079bb6c09c22fe6987ed9170a1efabc2f5ada0e9f801899e5f315401aa8d4408e0883f34d8d4fbd6dcf944a6b99e0af430
Static task
static1
Behavioral task
behavioral1
Sample
ec9b412e9a6e0da1a21c01158c4c8313b61b033f58d16d913d72229794069d18.bin.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
ec9b412e9a6e0da1a21c01158c4c8313b61b033f58d16d913d72229794069d18.bin.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
ec9b412e9a6e0da1a21c01158c4c8313b61b033f58d16d913d72229794069d18.bin
Score
9/10
-
Executes dropped EXE
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Possible privilege escalation attempt
-
Deletes itself
-
Loads dropped DLL
-
Modifies file permissions
-
Drops file in System32 directory
-
Modifies service
-