General

  • Target

    9bc0d7af7108a6ca4069ce3774ccfab3b7ddd5f435d4106b85b4f6a06de0f28c

  • Size

    161KB

  • Sample

    240525-bnanmshd5t

  • MD5

    0a7050f4d7c4c91f943bade2538bcc70

  • SHA1

    e2c5a03ad6e93e5180a21747125b418f4fdf809e

  • SHA256

    9bc0d7af7108a6ca4069ce3774ccfab3b7ddd5f435d4106b85b4f6a06de0f28c

  • SHA512

    d14b557e249307a0c099426c7c03755914e7113ae320b37c39d24b7c91478f246c2a640fe1876b68fc8739c1959b2456acc6fd5575bbdcb62b2e8a4a0730ed2c

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBq:PqFF2Ie+e1qL1qFF2Ie+e1qLf

Score
9/10

Targets

    • Renames multiple (4146) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
