Overview

overview

9

Static

static

3

R0CKZZ.exe

windows10-1703-x64

9

Resubmissions

15/03/2024, 22:01

240315-1xmf8sdh64 9

15/03/2024, 21:58

240315-1vhp9sdh39 9

Sharing

Copy URL Twitter E-mail

General

  • Target

    R0CKZZ.exe

  • Size

    10.6MB

  • Sample

    240315-1xmf8sdh64

  • MD5

    394f46b5d437174152c4053d432a9848

  • SHA1

    7611e79bb61f1d5cd682d19b53ded4b78caf2f38

  • SHA256

    b43686139808972b7cfe818a878da719ee6d5287ff3771441e37c886993c42ec

  • SHA512

    4e8b55a9e1e0a30a976d0d3c0343c8c3bc9b9b286cb9906be973e11335fb701f89386b5342afd6d49795cae42f0dafe4001883abd47ae07b6f8ebe7d0f50b709

  • SSDEEP

    196608:vdlIKYqPpGAjMGhuPD5U4YA1HeT39IigSvKub75bcjWgbaWzfQSkjp38p:FC+P8AxYDX1+TtIirvB5IjWqaWza

Score
9/10
pyinstallerransomware

Malware Config

Targets

    • Target

      R0CKZZ.exe

    • Size

      10.6MB

    • MD5

      394f46b5d437174152c4053d432a9848

    • SHA1

      7611e79bb61f1d5cd682d19b53ded4b78caf2f38

    • SHA256

      b43686139808972b7cfe818a878da719ee6d5287ff3771441e37c886993c42ec

    • SHA512

      4e8b55a9e1e0a30a976d0d3c0343c8c3bc9b9b286cb9906be973e11335fb701f89386b5342afd6d49795cae42f0dafe4001883abd47ae07b6f8ebe7d0f50b709

    • SSDEEP

      196608:vdlIKYqPpGAjMGhuPD5U4YA1HeT39IigSvKub75bcjWgbaWzfQSkjp38p:FC+P8AxYDX1+TtIirvB5IjWqaWza

    Score
    9/10
    ransomware

    • Renames multiple (171) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Loads dropped DLL

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks