General

  • Target

    37efa3fffbfa631ff0676d219e7c6500c452e030938639ce536bfe8edb7b00ba

  • Size

    189KB

  • Sample

    240513-y2x3escb9v

  • MD5

    5e3f8eeec2fec09cfa1064668f38e047

  • SHA1

    d6e9fc9717dbbc43ff29160bdaef1e4c02abc971

  • SHA256

    37efa3fffbfa631ff0676d219e7c6500c452e030938639ce536bfe8edb7b00ba

  • SHA512

    cfe39ecdc0d0cf12ab0918a65f6ec4e2859e9aabcbc6912013b9ec1c6a89e09398191fc26d06c965bb9e3c0a6d2edbe83c2cf49fcbc66d7968c2b84d90111f81

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEF75rWpcOPxPke+e3fFpsJOfFpsJbgEF7s:tFPxPke+eIqFPxPke+eIm

Score
9/10

Targets

    • Renames multiple (559) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
