General

  • Target

    a87efd2ea8b7192cc63c3c7ab9aa56998db7185a76e160104882e442f2948891

  • Size

    195KB

  • Sample

    240505-dd6pfafg57

  • MD5

    a222b47f87d6ffc77aba854d48406955

  • SHA1

    73a84ccc20ec737adb8dfe088fd0fa07550864ae

  • SHA256

    a87efd2ea8b7192cc63c3c7ab9aa56998db7185a76e160104882e442f2948891

  • SHA512

    8021ce3296ef52d603555c61af4a4f159c5be83d27940cc2584824c8fc0a9314eeaa78dd5d804694851b6d61651528ad4f3dfbf819d1872d93d642d9aa6f40d4

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgE7yKoIWbsHfySkT5GeCyi348oWGRPOzkjId6h:tFPxPke+eI1FPxPke+eIp

Score
9/10

Targets

    • Target

      a87efd2ea8b7192cc63c3c7ab9aa56998db7185a76e160104882e442f2948891

    • Renames multiple (4103) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
