General

  • Target

    8a009e2b400eb1a003ccb605fd040430_NEAS

  • Size

    130KB

  • Sample

    240507-hss44sdh2v

  • MD5

    8a009e2b400eb1a003ccb605fd040430

  • SHA1

    1275a58877dc90625c29a4c5c09d9c2b7f9c553d

  • SHA256

    c2f90513928915e13ec8c773963d933883afaad214122969836cbd91467f0e45

  • SHA512

    a44be5afc217dccbb9f99b8221960f8fc342219e88e38340c7d0463a51bebfc1e6e4947c03a8324f78d0cc0b5d6b73b08414ad9ad72576dd11bfd2d17e91eabc

  • SSDEEP

    1536:W7ZDpApYbWjCDOgj28/8vhtbW7ZDpApYbWjCDOgj28/8vhtbe:6DWpeDOKkSDWpeDOKk2

Score
9/10

Targets

    • Renames multiple (4084) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
