Overview

overview

9

Static

static

3

Done.exe

windows7-x64

9

Done.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Done.exe

  • Size

    118KB

  • Sample

    240525-2t6w5sdd8z

  • MD5

    7ab0af2a1153adcf3237b3bcf1b35419

  • SHA1

    f5e9dc83eb95ae4b1118b034e91e937c9b884bca

  • SHA256

    a45219c59e190f25ad6d40db0ae74cd8af0b4222b9d7d409322de7dd2ae2373a

  • SHA512

    e5736298809fdeb6b66766ae3a8db355a152ca784ad8ccf8500e4496cf869f320c11f6dd4e5ca484e56ef7819d13f52f2bb668ae7db06ab4ef3e439c231cc723

  • SSDEEP

    3072:8ZbACwLtsHStagQqAzbt9LbjdcVONk2p38SnLtoA6:feSta6AzbnS0Nk2pMSnLtX

Score
9/10
ransomware

Malware Config

Targets

    • Target

      Done.exe

    • Size

      118KB

    • MD5

      7ab0af2a1153adcf3237b3bcf1b35419

    • SHA1

      f5e9dc83eb95ae4b1118b034e91e937c9b884bca

    • SHA256

      a45219c59e190f25ad6d40db0ae74cd8af0b4222b9d7d409322de7dd2ae2373a

    • SHA512

      e5736298809fdeb6b66766ae3a8db355a152ca784ad8ccf8500e4496cf869f320c11f6dd4e5ca484e56ef7819d13f52f2bb668ae7db06ab4ef3e439c231cc723

    • SSDEEP

      3072:8ZbACwLtsHStagQqAzbt9LbjdcVONk2p38SnLtoA6:feSta6AzbnS0Nk2pMSnLtX

    Score
    9/10
    ransomware

    • Renames multiple (63) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Tasks