Overview

overview

9

Static

static

3

86d26e7a0a...8c.exe

windows7-x64

9

86d26e7a0a...8c.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    21/04/2024, 11:34

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    86d26e7a0a9831b1a03731d4e6c6738c.exe

  • Size

    117KB

  • MD5

    86d26e7a0a9831b1a03731d4e6c6738c

  • SHA1

    30e64147e601a80eb9433ffa8e9e0904b252a7cb

  • SHA256

    fc7f75fe80f80e220ae37c23db6d3a25644ad8286c354a916f56e3f08a365989

  • SHA512

    08fcdd8e9c3527016cc1d2f592c660b1fe0610616fe87f75fdbd38fe9a48bfdd162795408cce6441255d6becd7306b2e882025edf605bfbd6cc75dba34b4854d

  • SSDEEP

    768:/7BlpQpARFbh2UM/zX1vqX1v+1WbW1rjrA9ZONZOD5ZTXB85c5Y:/7ZQpApUsKiX26O

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (3450) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\86d26e7a0a9831b1a03731d4e6c6738c.exe
    "C:\Users\Admin\AppData\Local\Temp\86d26e7a0a9831b1a03731d4e6c6738c.exe"
    1⤵
    • Drops file in Program Files directory
    PID:1848

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\$Recycle.Bin\S-1-5-21-2297530677-1229052932-2803917579-1000\desktop.ini.tmp
          Filesize

          117KB

          MD5

          9159fedcbc0751634244cee3b859667e

          SHA1

          e758e441c2be84b3ce18a7d82fed83febad853a0

          SHA256

          27535a8dc9c1e0309ce818942a9db29061bde4544b44333a3fdaa29e004d825d

          SHA512

          f3cd34a67991bbdadfca99112e27253eda5b9d3e3244dfdbd0e5192d375b704fa172566fdce7ab41fe8235f83d93275a1cf664a9ec3c00973969c6c0de3bf2c3

          Download Submit

        • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
          Filesize

          126KB

          MD5

          f8a6d7a04c456a7f42874d9f42f97fde

          SHA1

          33e6546dcb6e3265cd63388addfe7d5340ad16f5

          SHA256

          d677afec42279554d03be022c22e85ac5e223dd972a4b4757dce56498d7ac92c

          SHA512

          6eeb3e422ef05558a32feaee6088a14b73c1d6aac327401a6263c4b4389ef565c1aa8140c15d215795fce66be80cb517b38cc0006bfa9a747f93357285b53235

          Download Submit

        • memory/1848-0-0x0000000000400000-0x0000000000408000-memory.dmp

          Filesize

          32KB

          Download

        • memory/1848-550-0x0000000000400000-0x0000000000408000-memory.dmp

          Filesize

          32KB

          Download