Overview

overview

9

Static

static

3

89468cbd15...58.exe

windows7-x64

9

89468cbd15...58.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    103s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/05/2024, 00:03

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    89468cbd15c7464a14c35b21cce78574a3512649bdb7a426e2aaeee200d98058.exe

  • Size

    128KB

  • MD5

    4a332868fa08418e4a53ee8173bade43

  • SHA1

    524846382447024e0bb8ab1f185423eb4b70573b

  • SHA256

    89468cbd15c7464a14c35b21cce78574a3512649bdb7a426e2aaeee200d98058

  • SHA512

    ab808b6ce8d38012c664a333db74ae115baca8539cbd646a59ce09228b1cc1861d6b16b1b470c22b8068ef71f707d34f78f5fe2c95270eb0f91cbbcbd243a5a7

  • SSDEEP

    768:/7BlpQpARFbh2UM/zX1vqX1v+1WbW1rjrA9ZONZOD5ZTXB85c50KPKN:/7ZQpApUsKiX26Ka4

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (4855) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\89468cbd15c7464a14c35b21cce78574a3512649bdb7a426e2aaeee200d98058.exe
    "C:\Users\Admin\AppData\Local\Temp\89468cbd15c7464a14c35b21cce78574a3512649bdb7a426e2aaeee200d98058.exe"
    1⤵
    • Drops file in Program Files directory
    PID:4272

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\$Recycle.Bin\S-1-5-21-3558294865-3673844354-2255444939-1000\desktop.ini.tmp
          Filesize

          128KB

          MD5

          e7b66720c8eb93e8056bd14cb3116c68

          SHA1

          fbb00162cf9fe826761fc1545b7a1203b90fbcb2

          SHA256

          97da79784eb96912e0f9687e716e0d1b5b3a1193c0b5aab22cd515e388f06230

          SHA512

          c113af6aa282791ba83bb726c6d3e5beca433192f4a7eca86a593fc6b932291c41afb9b80776de185e8c44e43218cf65f41f1910786c8d1f90549ad702960f3f

          Download Submit

        • C:\Program Files\7-Zip\7-zip.dll.exe
          Filesize

          227KB

          MD5

          bdaa345e9a30fa0ed11ded7cc41a4d23

          SHA1

          440112cef4463d042e6b7cf6f17287db11bf8d2a

          SHA256

          d800385dca16c8172cdc49b79c61d672f9b7c967613cee41186db2fe6b14af2e

          SHA512

          94e6fa877fd5598a8adb93b9a20bd4679cc91f7690f4ac9ba0186f3a8fff08e5eb4bd5929f93bc28cf0dd1c9768fd866ddb3a82dea3476fb0d9edb082c35c267

          Download Submit

        • memory/4272-0-0x0000000000400000-0x0000000000408000-memory.dmp

          Filesize

          32KB

          Download

        • memory/4272-1726-0x0000000000400000-0x0000000000408000-memory.dmp

          Filesize

          32KB

          Download