Overview

overview

9

Static

static

3

loader.exe

windows7-x64

7

loader.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    loader.exe

  • Size

    10.9MB

  • Sample

    240212-y63tgabe91

  • MD5

    813b1cb95810a78df64d81a506f66d1d

  • SHA1

    1484b11cf125ac25988a0b0028dfe885e5d29eab

  • SHA256

    3674017938c439dd047977ee593de98b239e4b25ff82d97cd1dfe7576a347a04

  • SHA512

    a3f7b5a7ec2ec3bf74cdf80f21ca89569888fcbe111506d95fbb5758e5322eb0de005d5c045474704d1cbd772e47670c8bac97cb9e05f0cfe2260d1d63062d54

  • SSDEEP

    196608:cEvQiI1vb0VzHkhDE1VU0qLDs1PxBRKb5ZWDwB+jFRjE98canLcU+nnPv0xKgu:zhI1vb0xEh2UdyPx3gZfBcRjFVsnXdgu

Score
9/10
pyinstallerransomware

Malware Config

Targets

    • Target

      loader.exe

    • Size

      10.9MB

    • MD5

      813b1cb95810a78df64d81a506f66d1d

    • SHA1

      1484b11cf125ac25988a0b0028dfe885e5d29eab

    • SHA256

      3674017938c439dd047977ee593de98b239e4b25ff82d97cd1dfe7576a347a04

    • SHA512

      a3f7b5a7ec2ec3bf74cdf80f21ca89569888fcbe111506d95fbb5758e5322eb0de005d5c045474704d1cbd772e47670c8bac97cb9e05f0cfe2260d1d63062d54

    • SSDEEP

      196608:cEvQiI1vb0VzHkhDE1VU0qLDs1PxBRKb5ZWDwB+jFRjE98canLcU+nnPv0xKgu:zhI1vb0xEh2UdyPx3gZfBcRjFVsnXdgu

    Score
    9/10
    ransomware

    • Renames multiple (89) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks