General

  • Target

    7199861d9b2920f6dd6147d535dececf27a17e536b530fca5cd8593dbbef699d

  • Size

    180KB

  • Sample

    240510-2ndy6sea5w

  • MD5

    0c7f504812151515f9ca0ac0cb5510f5

  • SHA1

    55c3e3aa81f5b36e99f4d7ecac83575ee560af61

  • SHA256

    7199861d9b2920f6dd6147d535dececf27a17e536b530fca5cd8593dbbef699d

  • SHA512

    945f32d92d11c7cf5ce14aca5831fcf8d6527a8d30336caa6c1ed9e4ffd315dc617a02db1b3f1fcf6702020442ac08c45b51dad7b12c6cbe32e3706c5758e1b4

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgE5rWpcOPxPke+e3fFpsJOfFpsJbgER:tFPxPke+eIgFPxPke+eIR

Score
9/10

Targets

    • Target

      7199861d9b2920f6dd6147d535dececf27a17e536b530fca5cd8593dbbef699d

    • Renames multiple (587) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
