Analysis

  • max time kernel
    151s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    22-05-2024 20:27

General

  • Target

    36ea1fe7feab90bb0e6e91584187bcc82101b52739293e22410b04739c621184.exe

  • Size

    92KB

  • MD5

    fd2feb984287ab5602babded2540c2e6

  • SHA1

    508b8025602ce4d168c8ea0b525c84828737fdb0

  • SHA256

    36ea1fe7feab90bb0e6e91584187bcc82101b52739293e22410b04739c621184

  • SHA512

    e8173bed576815be98c18f7f3723b1571149dd9f83693b4c394d3147bd5a728f786b9164c7101e65ed01a0f18624cb5218cf9499d0b2d8451f53f326bd1341fc

  • SSDEEP

    1536:W7ZDpApYbWjnWf05PG0PG26IvxvWyCUyCGjjW+jjW4Kl+RR/D5zf6ydyf+abMkFB:6DWpDWYPxPTJe4cjWEjWqR/D5zf6ydyr

Score
9/10

Malware Config

Signatures

  • Renames multiple (1357) files with added filename extension

    This suggests ransomware activity: encrypting all of the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\36ea1fe7feab90bb0e6e91584187bcc82101b52739293e22410b04739c621184.exe
    "C:\Users\Admin\AppData\Local\Temp\36ea1fe7feab90bb0e6e91584187bcc82101b52739293e22410b04739c621184.exe"
    • Drops file in Program Files directory
    PID:1496
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4240 --field-trial-handle=2692,i,8678872182442199182,12502579059484928042,262144 --variations-seed-version /prefetch:8
      PID:1216

Network

MITRE ATT&CK Matrix

Downloads

  • C:\$Recycle.Bin\S-1-5-21-3808065738-1666277613-1125846146-1000\desktop.ini.tmp

    Filesize

    92KB

    MD5

    fecb41768de7f878a1b03693275b3c79

    SHA1

    5ca2546057965c8740b60750a6427c254095ffa1

    SHA256

    0dfa8f56e4aea00f7c08e432acc85537a1c160b2603e421422336032f774b0d6

    SHA512

    f18e4fe55b84e08da6f1e895c1f65b805865af35d8feb94f75b3880e3801c299370c93b8435d5f50b0f74e12fef369b7dc3620ea204afc77366ad8593f11b095

  • C:\libsmartscreen.dll.tmp

    Filesize

    92KB

    MD5

    088736fb2312a6939f1e20e54a5e7d70

    SHA1

    68184434b1732cec38b8963f7b9ec5ccad6035a1

    SHA256

    1fb9ad3a5818461247054e24c33f38494083d438fcc4b07df0f2a7f611ddc437

    SHA512

    7afbc123e9b37427e2dee3ff7e3bc4472a60ad86f60d7cdacbc4f2c4a9e687f0969f6cfce33afe79c2547d5b62c229795706ac14aed7c2b3115284375d3cafa6