Overview

overview

9

Static

static

3

WindowsFormsApp4.exe

windows11-21h2-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    WindowsFormsApp4.exe

  • Size

    19KB

  • Sample

    240418-vcl23shh78

  • MD5

    1f79daf5f3ad1afcffb4d96efe536885

  • SHA1

    0d8b87779ceea595d1f9bb6ba708dffebdd2808f

  • SHA256

    17bdec829ae3d9c0fb33d617d0cd826f87dc363a767d946067ef6b08e045ad5d

  • SHA512

    cb346f3f678f77c7c7c26845ff6a4c103695584ec13e42432cce1dea84a36654d014d03fac67faf7247c7723222fcef6efb1303950c27711724e61691196157e

  • SSDEEP

    384:wKHv2jkK/N9vNxsrG7LMLcqglOCLULILLEzmZBYVSbQFf0pu5tptYcFwVc03K:dvglBwrG/gt+Y8A8BYobQ6pu5ftYcFwe

Score
9/10
ransomware

Malware Config

Targets

    • Target

      WindowsFormsApp4.exe

    • Size

      19KB

    • MD5

      1f79daf5f3ad1afcffb4d96efe536885

    • SHA1

      0d8b87779ceea595d1f9bb6ba708dffebdd2808f

    • SHA256

      17bdec829ae3d9c0fb33d617d0cd826f87dc363a767d946067ef6b08e045ad5d

    • SHA512

      cb346f3f678f77c7c7c26845ff6a4c103695584ec13e42432cce1dea84a36654d014d03fac67faf7247c7723222fcef6efb1303950c27711724e61691196157e

    • SSDEEP

      384:wKHv2jkK/N9vNxsrG7LMLcqglOCLULILLEzmZBYVSbQFf0pu5tptYcFwVc03K:dvglBwrG/gt+Y8A8BYobQ6pu5ftYcFwe

    Score
    9/10
    ransomware

    • Renames multiple (6683) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks