General

  • Target

    240418-yyw1yseh6s

  • Size

    20KB

  • Sample

    240424-pmmtgahh22

  • MD5

    3602da1a47c0588e08c9879c9a8c4983

  • SHA1

    a839da665a9b412d27a1a620839d80c665126aa7

  • SHA256

    d3da108cd135476a72938b44d894eb86eabb63a7f5fafb1c98f08a4c7e910626

  • SHA512

    6ffd39e18645c8529785640d5b400713b7256fd7d071e9fc564f231705671d8eede1c289492deaf069c06aba568613d6fef93fde18ff7051af53b8fdd4c4e9eb

  • SSDEEP

    384:B+6r/n0n3oSLjZMhpBtLGLc9DlOCLULILLE9mZxzYVSbQ4+fCuKtptYcFwVc03K:tKDZMh5S9+Y8m8RYobQ4duKftYcFwVcl

Malware Config

Targets

    • Renames multiple (16909) files with added filename extension

      This suggests ransomware activity: the files on the system are being encrypted and renamed with a new extension.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar secrets.

    • Drops file in System32 directory

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v15

Tasks