General

  • Target

    ed785042f471e3dab78d966c0bfad00d88f7aea233a000fb8bd837854372f8c3

  • Size

    185KB

  • Sample

    240425-flstnafg58

  • MD5

    caceb67286fefa76d08da0b41a62fb1b

  • SHA1

    851a7843bd7b84ce5d6eb80e5bd844056cbd8c89

  • SHA256

    ed785042f471e3dab78d966c0bfad00d88f7aea233a000fb8bd837854372f8c3

  • SHA512

    4e6a7962864fcba30544e621547cfa759af0beb656534ddb163069ffb0bef9021db5814c5dc11e198c30ec737d4630da892a24562459ea9a4bb7f7428d1c5dbc

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEODDrWpcOPxPke+e3fFpsJOfFpsJbgEODH:tFPxPke+eIJFPxPke+eIi

Score
9/10

Targets

    • Target

      ed785042f471e3dab78d966c0bfad00d88f7aea233a000fb8bd837854372f8c3

    Score
    9/10
    • Renames multiple (4118) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
