General

  • Target

    9b6be74c2c144f8bcb92c8350855d35c14bb7f2b727551c3dd5c8054c4136e3f.zip

  • Size

    10.2MB

  • Sample

    231105-clx7lahe4y

  • MD5

    1a9f016a4c5c7f2ce219f1035c6d5a0b

  • SHA1

    3de4b1bc749fd9bc411424c80f0711853599f3e5

  • SHA256

    8760fa86e0b22e4a1f772b985dd86a9e8b8cdd7cd7a2ba473410315f0cb9a4b2

  • SHA512

    9c08249287543e51f2df8988d431ffb4353cee2583abe7421c2c4aab9db2f156a40019d6ca20e1b96969f4fef4d03a4fdb1067f98da86e7ca3139f9d2b238863

  • SSDEEP

    196608:ce36Ug9UT6REM7YUYH+40eIxC3jswkbcSGtbft/XyBDfbMWTqMicw48oG+n4byZo:96BU+RX7Q+4Zs2XkvGpV/Xe7Bv18v8Ax

Targets

    • Target

      9b6be74c2c144f8bcb92c8350855d35c14bb7f2b727551c3dd5c8054c4136e3f

    • Size

      10.4MB

    • MD5

      00c69252bc0e896e2a8b0a9a3d68e41e

    • SHA1

      37d01981b79ac2e397ef7264d6dcf568634c01c7

    • SHA256

      9b6be74c2c144f8bcb92c8350855d35c14bb7f2b727551c3dd5c8054c4136e3f

    • SHA512

      a7701f865063cf73c2fe57265931f9177b69f34599903204cae4cc7f59de22de07bc0880f0274fc8663b4b772478fdd7b677e9f7beb37733ad8a63037157f7c2

    • SSDEEP

      196608:pINtwZV9xnc45SyY+GOe42yOmL2Vmd6+D/2c/f/+SHSEqEEQ+Knm/Z1y:otS9xnnSyY+k4tOmL2Vmd6m+c/eFR4C1

    Score
    9/10
    • Renames multiple (5244) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Loads dropped DLL
