General

  • Target

    7f41ef4ff8924e6b79ca075bf79bf096385915ce799d517655d7326e02eb8baf

  • Size

    216KB

  • Sample

    240509-3g4fxsdc6z

  • MD5

    7c1cd99baf23df05911f1a91cb232af5

  • SHA1

    f0d2ca77a40320cba23f919840ab69a56aefe141

  • SHA256

    7f41ef4ff8924e6b79ca075bf79bf096385915ce799d517655d7326e02eb8baf

  • SHA512

    a4928f7a1377ee35baaf73269defbb91c1ccbbfb5ac4142b7b3f67b76be3935d0f4bdb9d2a3362bf40a1650000fb39e4147adffeac84c17531bd3a6281b9de57

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgE2GEJdwJdXgkrWpcOPxPke+e3fFpsJOfFpsJ4:tFPxPke+eI2GRgDFPxPke+eI2GRgn

Score
9/10

Targets

    • Renames multiple (3471) files with added filename extension

      This suggests ransomware activity, i.e. encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
