General

  • Target

    759b06eab7ebf0dde75a00c2737ea15ebe528fee415962bab23329363b7e1eb7

  • Size

    390KB

  • Sample

    240418-3e7essaa28

  • MD5

    60e1792058c82af983b1c31ef587f2f3

  • SHA1

    49b08031f9f245addf076a89165075c40fbe7d5e

  • SHA256

    759b06eab7ebf0dde75a00c2737ea15ebe528fee415962bab23329363b7e1eb7

  • SHA512

    f31b66a06209bb289ebbd4e64794aaa57a9b59a85ccc2aae1a7ae1b86dec023fe75b1f2f0cf12dc16d6ac4044b481cc970e641c272eb435c945c2fcdf6f39385

  • SSDEEP

    6144:RqKvb0CYJ973e+eKZ25T/4DO/B5fpRr3TmiTVVmVVV8VVNVVVcVVVxVVVPVVlVVG:vvbxYX7Z25j4DO/B5fn5ca

Score
9/10

Targets

    • Target

      759b06eab7ebf0dde75a00c2737ea15ebe528fee415962bab23329363b7e1eb7

    • Renames multiple (3464) files with added filename extension

      This suggests ransomware activity, namely encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
