General

  • Target

    ae2b7b9558ccb84393dc9805186a90ce

  • Size

    656KB

  • Sample

    240229-lcsp7ach36

  • MD5

    ae2b7b9558ccb84393dc9805186a90ce

  • SHA1

    cfcf022cee54d70c28a44ec82fdb2b151bf29a46

  • SHA256

    39c67c0c86de0db51f75149ae415b71251c63ac42c763588d36e8f091000e064

  • SHA512

    5acd90e04741dcc9c7324106d916fab298480329a7215526a79e9e08d2344b2ec61120eb8cbe4520d659a1e952428f988caf473c0f2594b590e1129b44a15919

  • SSDEEP

    12288:Pp4pNfz3ymJnJ8QCFkxCaQTOl2KCsltHI:xEtl9mRda1MIHI

Score
10/10

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Renames multiple (91) files with added filename extension

      This suggests ransomware behaviour: the sample is encrypting files across the system and appending an extension to each renamed file.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks
