General

  • Target

    953cf5a7d8f7944dc743fdd4ebabc25caafdf7547efd302f1548b419201830e5

  • Size

    202KB

  • Sample

    240425-a5s1wacd8y

  • MD5

    9edd3613c3e8ef8126ddd0400246b6d0

  • SHA1

    79a80241f1e6cf40c4f14747ea85f448c8ac02d8

  • SHA256

    953cf5a7d8f7944dc743fdd4ebabc25caafdf7547efd302f1548b419201830e5

  • SHA512

    041f17a67f1d1c370984db80a80011bff0d497d275af2cd360510f586f9867153807aecc4e3fd27e2e5ac3c9b57b04771523cca46ff03ff30d3d0450b79c39f6

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgE2GEJdwJdVrWpcOPxPke+e3fFpsJOfFpsJbgn:tFPxPke+eI2GuFPxPke+eI2GG

Score
9/10

Targets

    • Target

      953cf5a7d8f7944dc743fdd4ebabc25caafdf7547efd302f1548b419201830e5

    • Renames multiple (4478) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
