General

  • Target

    5fe5efa559edd6c2ca4509ea9a61e0a2df957eac69dba9c878c5a465872e0bf4.exe

  • Size

    152KB

  • Sample

    240523-aj2e5aed3x

  • MD5

    0e8d0b16fb251393e146012b49054d10

  • SHA1

    6b6b4de4d3ca8064a4fcf2c8641b2a42e9b84941

  • SHA256

    5fe5efa559edd6c2ca4509ea9a61e0a2df957eac69dba9c878c5a465872e0bf4

  • SHA512

    849f9c45d5e1c4b98bdd5d04d140809e93c57df75d7da79b533bdf3fd5cf496de1bf8dc9a0bd4366480d18c92eeb2dca340b1de66f278b915cd06f8e28dc8745

  • SSDEEP

    1536:W7Z9pApQESOHepOHe8G+6E65TGA3vv7Z9pApQESOHepOHe8G+6E65TGA3vo:69WpQEJAl9WpQEJAw

Score
9/10

Targets

    • Renames multiple (5627) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
