General

  • Target

    a59a3b41c02085f8bd37d01dd8edd2542cb72eb6365c38b7825bd0f315e1c8ba

  • Size

    121KB

  • Sample

    240501-b34j9sda41

  • MD5

    6583a847432764c51bf7744b3b2facdc

  • SHA1

    d04c7410337b8ec5829dd81b2e0911ac415a98d5

  • SHA256

    a59a3b41c02085f8bd37d01dd8edd2542cb72eb6365c38b7825bd0f315e1c8ba

  • SHA512

    ae7a03b05d90e56fa78026e5855c5787e742e203c10937fbfd0891c823ef2e4cc9ecfbb2e8dbc0a8596922c2623dfe7db6a14af08f8f69df1d05a30d2ba94fdd

  • SSDEEP

    1536:W7ZDpApYbWjnWf05PG0PG26o7ZDpApYbWjnWf05PG0PG26m:6DWpDWYPxP1DWpDWYPxPP

Score
9/10

Targets

    • Target

      a59a3b41c02085f8bd37d01dd8edd2542cb72eb6365c38b7825bd0f315e1c8ba

    • Renames multiple (6038) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
