General

  • Target

    a0352187ac296b03a4aae3699d737989116e1026c5493d71f1e1305903d4b4b3

  • Size

    142KB

  • Sample

    240425-bnazeacf86

  • MD5

    5a3a94b1031d6efcc21f7b73ad7545df

  • SHA1

    0d3a95bccfeb1dec8bc510a25899dba3a0e73121

  • SHA256

    a0352187ac296b03a4aae3699d737989116e1026c5493d71f1e1305903d4b4b3

  • SHA512

    478360fbaa6bf95f26ef6f3998f52b6cb6d910bf5676fee1f5f6587f5079fe819b4e1f944b740757f07741741c87b8dae2776dbdd5cc7525e6bbf850f74c905b

  • SSDEEP

    3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZve7WpMaxeb0CYJ97lEYNR73e+eKZv:RqKvb0CYJ973e+eKZGqKvb0CYJ973e+x

Score
9/10

Targets

    • Renames multiple (4325) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
