General

  • Target

    d618140e65e39fcc4927029a305ead6e70bb576207c547f7abb45f540159491f

  • Size

    133KB

  • Sample

    240425-eeykwsfa2v

  • MD5

    db0423327e782a4ae7d5b666989493a6

  • SHA1

    a133c4a0c5ba63862f4f2649b9274124daad759c

  • SHA256

    d618140e65e39fcc4927029a305ead6e70bb576207c547f7abb45f540159491f

  • SHA512

    939cf17a146692a14ec573f7e3739cac0c655a403d0050d4482d4f53f22aef2fbdcd9ae1e16413f19c92880ca3f5ea094ce3ae25a96724650aca9d6b76d95e57

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBz:PqFF2Ie+elqFF2Ie+e6

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (3891) files with added filename extension

      This suggests ransomware activity, that is, encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
