Overview

overview

9

Static

static

3

d618ad28f0...73.exe

windows7-x64

9

d618ad28f0...73.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    25-04-2024 03:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d618ad28f0c1aa385acf344aeb23a72df8e74a3435f5e1164ea2534bab030873.exe

  • Size

    112KB

  • MD5

    16260f5189ee2b597713540f257fe460

  • SHA1

    8714f1a10889a550b47cd7e0deffc8e02be11307

  • SHA256

    d618ad28f0c1aa385acf344aeb23a72df8e74a3435f5e1164ea2534bab030873

  • SHA512

    945c9e0afdfcd3d2cfd16b0576ce45ac94ddb718311f42b060cecb37c5e3ce0dda748d7de059d46ee04a689f0e4845dcc53eaedfdcf84f4afa17d7ed8364d693

  • SSDEEP

    3072:6e7WpP9oVLQthbYY9oVLQthbUrt7tmHSXIBlf08qySzCeHbK:RqA/Hm

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (3450) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d618ad28f0c1aa385acf344aeb23a72df8e74a3435f5e1164ea2534bab030873.exe
    "C:\Users\Admin\AppData\Local\Temp\d618ad28f0c1aa385acf344aeb23a72df8e74a3435f5e1164ea2534bab030873.exe"
    1⤵
    • Drops file in Program Files directory
    PID:1304

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-2248906074-2862704502-246302768-1000\desktop.ini.tmp
    Filesize

    112KB

    MD5

    8cdec1a4125dff42c178f5665fa5e093

    SHA1

    e8ff125fbd2b19458132c044462e2e368cd28649

    SHA256

    779f275a2a2037d248cb064ad535a2825208f231dfa413ee09a2411c595f24b7

    SHA512

    342b772b6593b206fab3a143602f120d795de7e140edbbbf2e9f2c3fa8392f143332f4211acc863718791f0b622863e841d75dc40c3e2040b41f3f24f5dabe4f

    Download Submit
  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
    Filesize

    121KB

    MD5

    1f894fc1da7d9f4bd818ab87cadc586e

    SHA1

    ec0a6b1b215799888743cca87dd94492cb21496f

    SHA256

    54ae91761896811693c40839693dd87d1013d2835f8fee8a34108c770555dd2e

    SHA512

    b57c0bd9d4620481ccfe756ec0b6c404252bfe6505c1fd115cbc9810acf28372844ea391fa273d3486861702fd3e52064990c8d0c77bfab107e4803c5f2c046c

    Download Submit