General

  • Target

    865df68f14ab0adbf4de4ed95c8b4ef721c40c57ebb74241cae91ae9fd37b40b

  • Size

    201KB

  • Sample

    240409-1f4n7afg81

  • MD5

    5a84d675b8c0ca72dd488b673cd5ab46

  • SHA1

    74941df7143aacd80ac2530a1d16bd32f737b8fc

  • SHA256

    865df68f14ab0adbf4de4ed95c8b4ef721c40c57ebb74241cae91ae9fd37b40b

  • SHA512

    fba20b56e60c24e4dea50ebd4cea172d9c4a3c9ee9ac52b6b124e2171a253d870b55f8fb2c1ebee2185a6a3c15581c8c9ff44840bea3642b5e5f3a9f203522d2

  • SSDEEP

    3072:6QWpBe+eoO6OLQWpBe+eoO6OgEWzVNOx0ypIzIu73mYdE9d3s9XL7EWzVNOx0ypd:WTe+ebTe+e7

Score
9/10

Malware Config

Targets

    • Renames multiple (397) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
