Overview

overview

9

Static

static

3

5d27a0d832...50.exe

windows7-x64

9

5d27a0d832...50.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-05-2024 01:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5d27a0d83290d3f7924daefb731e5c50.exe

  • Size

    65KB

  • MD5

    5d27a0d83290d3f7924daefb731e5c50

  • SHA1

    7f22fbd40ce991f222ac971e5889439c155a5305

  • SHA256

    fc97d1580e98daa1aa9b4a7c4a760286fdc90c3e240f4528fc85b8ef241fa765

  • SHA512

    58bf88e6365b865bd4c87fab3726bc9d002b06e8422f3b5095116a02c4d2beb53d52fb17fdcbcec63b113c54607cd47787c881129627dcb925fd1d857d6802f9

  • SSDEEP

    1536:W7Z9pApQESOHepOHe8G+6E6DGsTdc6e6kvNDck7Tdc6e6kvNDckkvVvv:69WpQEoTdc6e6kvNDck7Tdc6e6kvNDct

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (5189) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5d27a0d83290d3f7924daefb731e5c50.exe
    "C:\Users\Admin\AppData\Local\Temp\5d27a0d83290d3f7924daefb731e5c50.exe"
    1⤵
    • Drops file in Program Files directory
    PID:3520

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-2539840389-1261165778-1087677076-1000\desktop.ini.tmp
    Filesize

    65KB

    MD5

    757d1ffe82e704aa13ce02895c4c1058

    SHA1

    d871d67c5700d929deb0f78d783f8c1e0b69700c

    SHA256

    7819c9a5d6602611361ca9cf63c38cd1c3e2fb8ac95a9e1726a157c08f002968

    SHA512

    873c06ecf847963062cadcf1075e2be805faab37ba7eab3846cf360bc17eb200e8ff0a910140696aea29b2a9affe5fca6c61ab19642c55f4d67c1476c0e35b21

    Download Submit

  • C:\Program Files\7-Zip\7-zip.dll.tmp
    Filesize

    164KB

    MD5

    c06edb8d79c6e47770191d93900cd38c

    SHA1

    d900a7ea97497f0026c92da1c950a93b1b5dccac

    SHA256

    aed1b3be4d151beb1ce7497ca3d9653ca0f7d5679c3a6d1222189e5170e0ddfe

    SHA512

    7dd4e8591f5ed9f66b04984c0dec01eb0c42e822558e56b836b126c87b2a0b3f6bf6c83d7dbd5dba6a4286bd1b75e6968702cee4a5cf2b19d90ca08df6658f7d

    Download Submit