Overview
overview
10Static
static
7Ransomware...er.exe
windows10-2004-x64
8Ransomware/7ev3n.exe
windows10-2004-x64
Ransomware...le.exe
windows10-2004-x64
Ransomware...it.exe
windows10-2004-x64
10Ransomware/Birele.exe
windows10-2004-x64
10Ransomware...r5.exe
windows10-2004-x64
8Ransomware...us.exe
windows10-2004-x64
10Ransomware...er.exe
windows10-2004-x64
10Ransomware...ll.exe
windows10-2004-x64
7Ransomware...ck.exe
windows10-2004-x64
7Ransomware/Dharma.exe
windows10-2004-x64
9Ransomware/Fantom.exe
windows10-2004-x64
10Ransomware...ab.exe
windows10-2004-x64
7Ransomware...ye.exe
windows10-2004-x64
10Ransomware...Eye.js
windows10-2004-x64
10Ransomware...pt.exe
windows10-2004-x64
10Ransomware...en.exe
windows10-2004-x64
8Ransomware...AZ.dll
windows10-2004-x64
3Ransomware...om.exe
windows10-2004-x64
10Ransomware...ya.exe
windows10-2004-x64
10Ransomware...ap.exe
windows10-2004-x64
1Ransomware....A.exe
windows10-2004-x64
6Ransomware...om.exe
windows10-2004-x64
10Ransomware...nt.exe
windows10-2004-x64
Ransomware...ot.exe
windows10-2004-x64
Ransomware/RedEye.exe
windows10-2004-x64
Ransomware...re.exe
windows10-2004-x64
7Ransomware/Rokku.exe
windows10-2004-x64
10Ransomware/Satana.exe
windows10-2004-x64
5Ransomware/Seftad.exe
windows10-2004-x64
6Ransomware...re.exe
windows10-2004-x64
10Ransomware/UIWIX.dll
windows10-2004-x64
1Analysis
-
max time kernel
146s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-uk -
resource tags
arch:x64arch:x86image:win10v2004-20240226-uklocale:uk-uaos:windows10-2004-x64systemwindows -
submitted
03-03-2024 13:53
Behavioral task
behavioral1
Sample
Ransomware/$uckyLocker.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral2
Sample
Ransomware/7ev3n.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral3
Sample
Ransomware/Annabelle.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral4
Sample
Ransomware/BadRabbit.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral5
Sample
Ransomware/Birele.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral6
Sample
Ransomware/Cerber5.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral7
Sample
Ransomware/CoronaVirus.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral8
Sample
Ransomware/CryptoLocker.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral9
Sample
Ransomware/CryptoWall.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral10
Sample
Ransomware/DeriaLock.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral11
Sample
Ransomware/Dharma.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral12
Sample
Ransomware/Fantom.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral13
Sample
Ransomware/GandCrab.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral14
Sample
Ransomware/GoldenEye/GoldenEye.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral15
Sample
Ransomware/GoldenEye/GoldenEye.js
Resource
win10v2004-20240226-uk
Behavioral task
behavioral16
Sample
Ransomware/InfinityCrypt.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral17
Sample
Ransomware/Krotten.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral18
Sample
Ransomware/Locky.AZ.dll
Resource
win10v2004-20240226-uk
Behavioral task
behavioral19
Sample
Ransomware/NoMoreRansom.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral20
Sample
Ransomware/NotPetya.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral21
Sample
Ransomware/PetrWrap.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral22
Sample
Ransomware/Petya.A.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral23
Sample
Ransomware/PolyRansom.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral24
Sample
Ransomware/PowerPoint.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral25
Sample
Ransomware/RedBoot.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral26
Sample
Ransomware/RedEye.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral27
Sample
Ransomware/Rensenware.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral28
Sample
Ransomware/Rokku.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral29
Sample
Ransomware/Satana.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral30
Sample
Ransomware/Seftad.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral31
Sample
Ransomware/SporaRansomware.exe
Resource
win10v2004-20240226-uk
Behavioral task
behavioral32
Sample
Ransomware/UIWIX.dll
Resource
win10v2004-20240226-uk
General
-
Target
Ransomware/UIWIX.dll
-
Size
211KB
-
MD5
a933a1a402775cfa94b6bee0963f4b46
-
SHA1
18aa7b02f933c753989ba3d16698a5ee3a4d9420
-
SHA256
146581f0b3fbe00026ee3ebe68797b0e57f39d1d8aecc99fdc3290e9cfadc4fc
-
SHA512
d83da3c97ffd78c42f49b7bfb50525e7c964004b4b7d9cba839c0d8bf3a5fe0424be3b3782e33c57debc6b13b5420a3fa096643c8b7376b3accfb1bc4e7d7368
-
SSDEEP
6144:7hsIquZ3xJ7zOUTPQcXK9GMgCsO92FCPot+M:9LquZ3n6cXDM5X2FCgt+M
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 1844 wrote to memory of 3416 1844 rundll32.exe 88 PID 1844 wrote to memory of 3416 1844 rundll32.exe 88 PID 1844 wrote to memory of 3416 1844 rundll32.exe 88