General
Target
06e3e56153ca25cb9790495f0768e9b615e088f9241ac7f3b974f2e9cd97bd21.sample
Size
60KB
Sample
210726-tramd3yg3j
MD5
eb86699181894931833816e860ab279d
SHA1
e98d1319d2614debebeeabc26616d327950f699e
SHA256
06e3e56153ca25cb9790495f0768e9b615e088f9241ac7f3b974f2e9cd97bd21
SHA512
9b567fbca1cd9720c86bd848a49dc8aeda47104d06be7c4d7189a6a7ec6956c41ee5c40aac49f90067e7ab2e7b65078197b9f9d6c7a5e2c1c52b9ab971a6c714
Static task
static1
Behavioral task
behavioral1
Sample
06e3e56153ca25cb9790495f0768e9b615e088f9241ac7f3b974f2e9cd97bd21.sample.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
06e3e56153ca25cb9790495f0768e9b615e088f9241ac7f3b974f2e9cd97bd21.sample.exe
Resource
win10v20210410
Malware Config
Targets
Target
06e3e56153ca25cb9790495f0768e9b615e088f9241ac7f3b974f2e9cd97bd21.sample
Score
9/10
- Executes dropped EXE
- Modifies extensions of user files: Ransomware generally changes the extension on encrypted files.
- Possible privilege escalation attempt
- Deletes itself
- Loads dropped DLL
- Modifies file permissions
- Drops file in System32 directory