General

  • Target

    18cd862abab92f4ed84345b4cb2420058636f50bbed84f3ffdc21701a351cf7c

  • Size

    198KB

  • Sample

    240511-xs49pscg91

  • MD5

    84dafa4708ede5a48f33cace1aca3d1c

  • SHA1

    27b32aad44ead8ebdf9ca4c4d14bf095019f519d

  • SHA256

    18cd862abab92f4ed84345b4cb2420058636f50bbed84f3ffdc21701a351cf7c

  • SHA512

    1dbbb356e697c455da948ee2dd75cd059231cfe519124f5891bfecc1e08f4bda4d9abd390fcdefa7d8e94383de650c8390a3f55b8101a6c97be5dc2cdd608455

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEbThydrWpcOPxPke+e3fFpsJOfFpsJbgEbThC:tFPxPke+eIZyEFPxPke+eIZyt

Score
9/10

Targets

    • Target

      18cd862abab92f4ed84345b4cb2420058636f50bbed84f3ffdc21701a351cf7c

    • Renames multiple (538) files with added filename extension

      This suggests ransomware activity, i.e. encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
