Overview

overview

9

Static

static

3

Done.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Done.exe

  • Size

    114KB

  • Sample

    240524-rvzjcahe69

  • MD5

    1cd00bce47b99fe9c7518551a37b4464

  • SHA1

    e9a1b412d7f6e9a4b59b148547d5671f3502e290

  • SHA256

    5e1980b65ffefcebab43b788e4a8661be9a1e3dbb1af1468c0fc504f4d420e8d

  • SHA512

    88678264d0fb579b6e22073b703a4ec0bee61d493b4f682b3793a94ad63fa7afe56afe86be4f114b3beb88e74e574bec19fac509f8f2138e8a4d385d4998de46

  • SSDEEP

    3072:wZbM1uArFpdSHP4tZr5f9MTSqqB5/Rv437PA:v86FpwHP+rcSqixRAD

Score
9/10
ransomware

Malware Config

Targets

    • Target

      Done.exe

    • Size

      114KB

    • MD5

      1cd00bce47b99fe9c7518551a37b4464

    • SHA1

      e9a1b412d7f6e9a4b59b148547d5671f3502e290

    • SHA256

      5e1980b65ffefcebab43b788e4a8661be9a1e3dbb1af1468c0fc504f4d420e8d

    • SHA512

      88678264d0fb579b6e22073b703a4ec0bee61d493b4f682b3793a94ad63fa7afe56afe86be4f114b3beb88e74e574bec19fac509f8f2138e8a4d385d4998de46

    • SSDEEP

      3072:wZbM1uArFpdSHP4tZr5f9MTSqqB5/Rv437PA:v86FpwHP+rcSqixRAD

    Score
    9/10
    ransomware

    • Renames multiple (120) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Drops desktop.ini file(s)

    behavioral1

MITRE ATT&CK Matrix

Tasks