Overview

overview

9

Static

static

3

6c670e1920...3a.exe

windows7-x64

9

6c670e1920...3a.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6c670e19206ef52cf1e1c68187e70e1f16897d8d46ab8caf66461ccda739033a

  • Size

    115KB

  • Sample

    240424-2ssccsbb62

  • MD5

    54381d3bafea9403c6eef5a4c24c687a

  • SHA1

    d3c5b78a61ad0fbea01b324920fc49af2d555f6c

  • SHA256

    6c670e19206ef52cf1e1c68187e70e1f16897d8d46ab8caf66461ccda739033a

  • SHA512

    0daa4884b592c654692b8547467edb4e297cad43dcdf04e89138b45a7ba6b7868207a407896c0a8d1b3e35c2e1362e226e9aa2f9b15c9bf9bf15dc9751063396

  • SSDEEP

    1536:W7ZDpApYbWjCDOgjkJix9JQXJix9JQ507ZDpApYbWjCDOgjkJix9JQXJix9JQ5t:6DWpeDOiDWpeDO/

Score
9/10
ransomware

Malware Config

Targets

    • Target

      6c670e19206ef52cf1e1c68187e70e1f16897d8d46ab8caf66461ccda739033a

    • Size

      115KB

    • MD5

      54381d3bafea9403c6eef5a4c24c687a

    • SHA1

      d3c5b78a61ad0fbea01b324920fc49af2d555f6c

    • SHA256

      6c670e19206ef52cf1e1c68187e70e1f16897d8d46ab8caf66461ccda739033a

    • SHA512

      0daa4884b592c654692b8547467edb4e297cad43dcdf04e89138b45a7ba6b7868207a407896c0a8d1b3e35c2e1362e226e9aa2f9b15c9bf9bf15dc9751063396

    • SSDEEP

      1536:W7ZDpApYbWjCDOgjkJix9JQXJix9JQ507ZDpApYbWjCDOgjkJix9JQXJix9JQ5t:6DWpeDOiDWpeDO/

    Score
    9/10
    ransomware

    • Renames multiple (993) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks