General

  • Target

    d935d02d4b7b8bb7afafad8b77e6c92f496149e7a5dfa080564dd9aa88003208

  • Size

    82KB

  • Sample

    240523-d9tdzsch38

  • MD5

    1186e28fd55429173d89efadced0cba8

  • SHA1

    c901accf761e54bd6230b62ae4c368c80e258cf7

  • SHA256

    d935d02d4b7b8bb7afafad8b77e6c92f496149e7a5dfa080564dd9aa88003208

  • SHA512

    8f9153f85c5767ab519f458b934e1125ad9a9ecde730fb8afe5c7c2eb948a1493d5bd214d05e9fc31079426f95a68670fc4c59710b7e8deca43fc22752d9b64d

  • SSDEEP

    768:W7BlpNLpARFbhblkYlkuvIYFC7BlpNLpARFbhblkYlkuvIYFT/K:W7ZNLpApCZuvIYI7ZNLpApCZuvIY9/K

Score
9/10

Targets

    • Renames multiple (4852) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
