Overview

overview

9

Static

static

3

e30696c6ae...32.exe

windows7-x64

9

e30696c6ae...32.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e30696c6ae26ef5566c9e1f6d628328faa3c1e2eee67f41a8c65b2d001b01632

  • Size

    200KB

  • Sample

    240425-e4qatafc52

  • MD5

    c52d5429510b4c31f57546dceeab476f

  • SHA1

    447dc1e5e5db3d61f553cae0520589a9f603614f

  • SHA256

    e30696c6ae26ef5566c9e1f6d628328faa3c1e2eee67f41a8c65b2d001b01632

  • SHA512

    55cc34b2bd924ec45fa64e02613d04b31b525107cd36ea1801faa1b84dcd68336d5b8dffbd91d6b206e8bd25adde2cf173ce4261342aebce62cddb6c63f8967d

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEdi/D5zf6ydyf+abMkF24kzK3jbrCkoRWNkzV:tFPxPke+eI4XTFPxPke+eI4XX

Score
9/10
ransomware

Malware Config

Targets

    • Target

      e30696c6ae26ef5566c9e1f6d628328faa3c1e2eee67f41a8c65b2d001b01632

    • Size

      200KB

    • MD5

      c52d5429510b4c31f57546dceeab476f

    • SHA1

      447dc1e5e5db3d61f553cae0520589a9f603614f

    • SHA256

      e30696c6ae26ef5566c9e1f6d628328faa3c1e2eee67f41a8c65b2d001b01632

    • SHA512

      55cc34b2bd924ec45fa64e02613d04b31b525107cd36ea1801faa1b84dcd68336d5b8dffbd91d6b206e8bd25adde2cf173ce4261342aebce62cddb6c63f8967d

    • SSDEEP

      3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEdi/D5zf6ydyf+abMkF24kzK3jbrCkoRWNkzV:tFPxPke+eI4XTFPxPke+eI4XX

    Score
    9/10
    ransomware

    • Renames multiple (3624) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks