Overview

overview

9

Static

static

3

0a00021f2b...49.exe

windows7-x64

9

0a00021f2b...49.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-05-2024 18:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0a00021f2b31c6dde33736ec42008885c94243bc6451e8b6a1e30f81a344e149.exe

  • Size

    92KB

  • MD5

    1a8f08d26664594fb06088b96ee22ce5

  • SHA1

    5597cdbbd4e6e968512b2d42838fecd34f6ffbee

  • SHA256

    0a00021f2b31c6dde33736ec42008885c94243bc6451e8b6a1e30f81a344e149

  • SHA512

    cab81000f19c9d3d48d02204af51ac13bac958f8dc46d15cbe34895d5dfef1e3cd4f8a8fcf04d3a4309ef7a383918bab987ce08bcc625b4739a1aff2feafa38f

  • SSDEEP

    1536:W7ZrpApojOPG0PGQJwFJwkpe+eTDPfFpsJOfFpsJCAdCjHKPNJvxvg:6rWpcOPxPke+e3fFpsJOfFpsJbgEDJg

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (4840) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0a00021f2b31c6dde33736ec42008885c94243bc6451e8b6a1e30f81a344e149.exe
    "C:\Users\Admin\AppData\Local\Temp\0a00021f2b31c6dde33736ec42008885c94243bc6451e8b6a1e30f81a344e149.exe"
    1⤵
    • Drops file in Program Files directory
    PID:464

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-3571316656-3665257725-2415531812-1000\desktop.ini.tmp
    Filesize

    92KB

    MD5

    a58b212d656d420f5069ef02a18e9450

    SHA1

    73c7c71fbbfba5857b7bcc90615004ff338c26a8

    SHA256

    b49c942753ee30a982e3dea327f276b58f2584a1191c76a047e4305399bb7857

    SHA512

    4ff80d20bf25edb27c0b9192d45f53cd38d13c9c97198d89af9670e5253c5dcbdf00aecb09edd9a31d8eb3af77c0138c0c9e95d80b4b10220ef72283ec9dae7c

    Download Submit
  • C:\Program Files\7-Zip\7-zip.dll.tmp
    Filesize

    191KB

    MD5

    c49eceacd46c780b9f6cf002c1804387

    SHA1

    b275f326bd5e40382dde21a7b33aae466ec90490

    SHA256

    671a979008094307eca62617ad46cc9c790d865b4c3ac52fbaed0cc0cd854d26

    SHA512

    c6c41a806e9f2358da643a6b5acf38b7641af50e9a09865587987b66a7f7384c29b2bf9b078bd761c78be814d0dc8f05315c3fdc429725e330b0dedafcd21c1e

    Download Submit