General

  • Target

    bf04a197b4b9786a398841b00e9a9374a463df7fb23cf3866bfcf0e7b9061d36

  • Size

    136KB

  • Sample

    240420-cndkzadg63

  • MD5

    3cf76c990ec3d53dca6ddd837baea433

  • SHA1

    8353a89eb9076d8913c8be161244f3df8579cf6b

  • SHA256

    bf04a197b4b9786a398841b00e9a9374a463df7fb23cf3866bfcf0e7b9061d36

  • SHA512

    76396c26dd2829c0802ff4ddd48786a65f051c73dd98c444ab487b2e6c2af8ffdd28b38c76cd607d326b7b38fdc7f22cb68f25c74ce3d123b0004809d32bb604

  • SSDEEP

    3072:6e7WpP9oVLQthbYY9oVLQthbUrt7tce7WpP9oVLQthbYY9oVLQthbUrt7tN:RqAjqAR

Score
9/10

Targets

    • Renames multiple (4793) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
