Overview

overview

10

Static

static

10

ransomware...3n.exe

windows7-x64

ransomware...3n.exe

windows10-2004-x64

ransomware...le.exe

windows7-x64

ransomware...le.exe

windows10-2004-x64

ransomware...it.exe

windows7-x64

10

ransomware...it.exe

windows10-2004-x64

10

ransomware...le.exe

windows10-2004-x64

10

ransomware... 5.exe

windows7-x64

10

ransomware... 5.exe

windows10-2004-x64

10

ransomware...de.exe

windows7-x64

10

ransomware...de.exe

windows10-2004-x64

10

ransomware...ck.exe

windows7-x64

7

ransomware...ck.exe

windows10-2004-x64

7

ransomware...ye.exe

windows7-x64

6

ransomware...ye.exe

windows10-2004-x64

6

ransomware...ap.exe

windows7-x64

6

ransomware...ap.exe

windows10-2004-x64

6

ransomware...ya.exe

windows7-x64

6

ransomware...ya.exe

windows10-2004-x64

6

ransomware...om.exe

windows7-x64

10

ransomware...om.exe

windows10-2004-x64

10

ransomware...ab.exe

windows7-x64

10

ransomware...ab.exe

windows10-2004-x64

10

ransomware...ye.exe

windows7-x64

10

ransomware...ye.exe

windows10-2004-x64

10

ransomware...ni.exe

windows7-x64

10

ransomware...ni.exe

windows10-2004-x64

10

ransomware...pt.exe

windows7-x64

10

ransomware...pt.exe

windows10-2004-x64

10

ransomware...ya.exe

windows7-x64

7

ransomware...ya.exe

windows10-2004-x64

7

ransomware...en.exe

windows7-x64

8

Analysis

  • max time kernel
    0s
  • max time network
    3s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    17-03-2024 04:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ransomwares/FakePetya/FakePetya.exe

  • Size

    55KB

  • MD5

    c01399c30e8744681251164fae8dca01

  • SHA1

    46e215f2b1b3ab8b56d5a010b32e0da80b356d2f

  • SHA256

    4146805a52db2d4fdb1183bb45f0cd4d90cf184cbd0d5ec2cf370e2fa2813cd7

  • SHA512

    cc9e3e23dbe4ae9a2828c12de0fb0a593c5f7a4cd31ba7cc7457d3b3eee04931542b0dc925adc9960ea1051915dcc349460e262ca8770ba99b4c50e9804c1b08

  • SSDEEP

    768:ZI3niJqlQTwuJVu8CX729+Nl/ObYxDlj6rJADzA4zt+jsIu8x:S3iJqlQj1K9NDDl2g8jsIfx

Score
6/10
bootkitpersistence

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence

Processes

  • C:\Users\Admin\AppData\Local\Temp\ransomwares\FakePetya\FakePetya.exe
    "C:\Users\Admin\AppData\Local\Temp\ransomwares\FakePetya\FakePetya.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    PID:2012

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads