General

  • Target

    3d31025a2cc5b6c0bb6c560093cd8d9f089f70ee399f9401ab1b3a94c7bef854

  • Size

    154KB

  • Sample

    240513-zaex7sdc49

  • MD5

    4da1dcd6be42ae9196d55ce627632d73

  • SHA1

    ae29905d5b1e1aacdb3a62817d15c7d6d89d05f0

  • SHA256

    3d31025a2cc5b6c0bb6c560093cd8d9f089f70ee399f9401ab1b3a94c7bef854

  • SHA512

    0d8de0010e9163d71a7ca72f239cbc232d7203abfe05f08e12e7030abb926c20d302b64f49ccd7e711f0173e1b15f90d11706bc1a1081b547479fbe4d52db9fa

  • SSDEEP

    3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZKe7WpMaxeb0CYJ97lEYNR73e+eKZf:RqKvb0CYJ973e+eKZhqKvb0CYJ973e+R

Score
9/10

Targets

    • Target

      3d31025a2cc5b6c0bb6c560093cd8d9f089f70ee399f9401ab1b3a94c7bef854

    • Renames multiple (4418) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
