General

  • Target

    b45f029df494b7969e56cf5fb9ad7ea3ab7fd325ef8574d03bf357494e3b911e

  • Size

    178KB

  • Sample

    240525-ctafhabd83

  • MD5

    8341e59e1836bb7582ee17a966cb7522

  • SHA1

    ee2c48e2ee6c48d9cfdd35a305098a7048464b60

  • SHA256

    b45f029df494b7969e56cf5fb9ad7ea3ab7fd325ef8574d03bf357494e3b911e

  • SHA512

    673b6ff6576eb7ce4ed58bbed26ddfbc74db9f4c33d5216cdea57ec08f90cbc04e9d10d5e26583c37ddccfea78037a96b096db6cbf4206594b5328668aeedfdb

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEbrWpcOPxPke+e3fFpsJOfFpsJbgEu:tFPxPke+eIeFPxPke+eIu

Score
9/10

Targets

    • Renames multiple (5521) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
