General

  • Target

    8890925ea741c909ea5a23423359e4efb7b1f32c994e85b3c1d0673ebbf874b2

  • Size

    178KB

  • Sample

    240522-313zhaea2x

  • MD5

    5f5bb926b85bafb5162e576d61482fa8

  • SHA1

    ae6a7c486c24b9b5485b0a3ca4d283bff7fb0111

  • SHA256

    8890925ea741c909ea5a23423359e4efb7b1f32c994e85b3c1d0673ebbf874b2

  • SHA512

    6205c04947a289282fd1d23eb592a381d918a3d36eaa5d49175264e25b8df053e2e09986351ced7485afbf56cbe655ba73a171f8e22f68f2b3fb8299af610c62

  • SSDEEP

    3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZZT8e7WpMaxeb0CYJ97lEYNR73e+eKZZTN:RqKvb0CYJ973e+eKZZTHqKvb0CYJ973N

Score
9/10

Targets

    • Target

      8890925ea741c909ea5a23423359e4efb7b1f32c994e85b3c1d0673ebbf874b2

    Score
    9/10
    • Renames multiple (4992) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
