Overview

overview

9

Static

static

3

507e2184f8...9b.exe

windows7-x64

9

507e2184f8...9b.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-05-2024 22:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    507e2184f8b374c35eabe3be19a6ff75467e1aab942c95e321fda405180da09b.exe

  • Size

    80KB

  • MD5

    0f93d217888d4457ff3b43b41fcbcd20

  • SHA1

    73750d7cf77d3aaadd58bd13c7dc872af55d6533

  • SHA256

    507e2184f8b374c35eabe3be19a6ff75467e1aab942c95e321fda405180da09b

  • SHA512

    a032855352665ef447734974e04a12f697370fcb35cd8ee6a8c8d0633204a91124e84bfc6d67b3326b9680d4b976dbce884c655c967e8638e1817dac000eede9

  • SSDEEP

    1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7YWtMQQQXvi:6e7WpMaxeb0CYJ97lEYNR7Ztm

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (4840) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\507e2184f8b374c35eabe3be19a6ff75467e1aab942c95e321fda405180da09b.exe
    "C:\Users\Admin\AppData\Local\Temp\507e2184f8b374c35eabe3be19a6ff75467e1aab942c95e321fda405180da09b.exe"
    1⤵
    • Drops file in Program Files directory
    PID:744

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-3906287020-2915474608-1755617787-1000\desktop.ini.tmp
    Filesize

    81KB

    MD5

    9d7d6f868b623bdd2d436912334fa5ab

    SHA1

    2e36b9a19b7c4ed437e97d4dd11ced02c594f86d

    SHA256

    1b354d22530015f9883c333c3e50851d84ef7319d31ba520e25898558a7edc75

    SHA512

    f4071c0b79edb6a510964964d03712fec37805b090836a9b6f6c8306fd008dec7b4d511d9e5d1a89abd0606486e0a24dbc0054b16000c3704d472ed008d1b872

    Download Submit
  • C:\Program Files\7-Zip\7-zip.dll.tmp
    Filesize

    179KB

    MD5

    dd62a3311ef81e3810c23aabbd1c8112

    SHA1

    ae25a2785f4079451fcc1c60bb0adcfd8fd9d711

    SHA256

    cb4b8b1484964c8c986d9c93eb85e90713434a26bcc3ad75f2d19e592fe8c422

    SHA512

    6f875e2cecce046ba62c7391664fc43744d4bb7744ecbf127823f588d72613d6b49598008f215b4753bcdf1990db9d1dd83f6597a6faa6a94f1f0b59d713ef04

    Download Submit