Analysis

  • max time kernel
    153s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240226-en locale:en-us os:windows10-2004-x64 system
  • submitted
    01/05/2024, 01:49

General

  • Target

    a87675d106c55b45e68a0cb1d5bee6b4b7905727dcb5373dbd1ee07d7edcb92f.exe

  • Size

    398KB

  • MD5

    502af52ddefcad2515ba1c3b48d04063

  • SHA1

    56eac909ede8067ee359e6c766b0a294c59b9aea

  • SHA256

    a87675d106c55b45e68a0cb1d5bee6b4b7905727dcb5373dbd1ee07d7edcb92f

  • SHA512

    713a81986c57fbc3bab84c1bdcd91959054ae1fac6629043ad37163dfca88347d584d643c61b07d92862542e5d36d403b19aa1fe481bc77f1ead6b3cdbe50da6

  • SSDEEP

    6144:Rqaa0JVN9Q7kRwSrJWrtEiOLAORtX2YX5LyvnMqqmy:c0JV/Q767lGEi+AORtmhnMqfy

Score
9/10

Malware Config

Signatures

  • Renames multiple (446) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\a87675d106c55b45e68a0cb1d5bee6b4b7905727dcb5373dbd1ee07d7edcb92f.exe
    "C:\Users\Admin\AppData\Local\Temp\a87675d106c55b45e68a0cb1d5bee6b4b7905727dcb5373dbd1ee07d7edcb92f.exe"
    1⤵
    • Drops file in Program Files directory
    PID:628
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3912 --field-trial-handle=2248,i,10247514684337323751,15511974759131734137,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:1648

Network

MITRE ATT&CK Matrix


Downloads

  • C:\$Recycle.Bin\S-1-5-21-3808065738-1666277613-1125846146-1000\desktop.ini.tmp

    Filesize
    398KB

    MD5
    4c6b6e60275244000c7410dba0909e1c

    SHA1
    3cfbf64b9761a616ae4250ef3b378bb6c7df0b15

    SHA256
    c2a080b4229f95b298b9f5561615f008447a54df016d01522f496ef29bf6355e

    SHA512
    f03097f39a811b4df3d118e4eba1f7b96ec6cd38f305ec5d8ef2fcbf4661f684dc8e406646e605b05a715266518cb1d883a42e72992772c4549521c85c87493c

  • C:\libsmartscreen.dll.tmp

    Filesize
    398KB

    MD5
    bef9deeeca6b7588b496a7130b7c077b

    SHA1
    a59336dca6a3e130da5cfce630c128983eae884f

    SHA256
    327e2a2e161f1eddfa69265bae91d19c9344cd24b55488f67d8eb0bf60d4aae5

    SHA512
    c57c881782916a5c15913cf3b1f3e2e40d9c6e40d0e90dd636d58dee62140a2beb5d156a1dc67a3d2826ce3b18adf7debc4823de42b426a77fe353c16ae44da4