Overview

overview

9

Static

static

3

dcd118bb56...b3.exe

windows7-x64

9

dcd118bb56...b3.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-05-2024 04:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dcd118bb56b14a94383b8f5d03aeac61466a1647fd8fa8eb55909a38bcfc08b3.exe

  • Size

    79KB

  • MD5

    0407aac52d67e182a96d87111c3c37d3

  • SHA1

    302c38e6909ef30073706a7dd008cb5c30ecc4e8

  • SHA256

    dcd118bb56b14a94383b8f5d03aeac61466a1647fd8fa8eb55909a38bcfc08b3

  • SHA512

    e70a48cf0e3017c4e6d59894a991e7e606b9e0a20f5f0165d9fd160367623c4c2b8ac5d177c9e29580bf8ed9654e01b503ccc0f7bf8ad7c9e5f316b939e55939

  • SSDEEP

    768:W7BlpDpARFbhYQkQjjLaMaRRpi1xnRpi1xOYJIJDYJIJMFhWFhCmDpBIjsZORReR:W7ZDpApYbWj2WTWJe+e/qX4

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (4860) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\dcd118bb56b14a94383b8f5d03aeac61466a1647fd8fa8eb55909a38bcfc08b3.exe
    "C:\Users\Admin\AppData\Local\Temp\dcd118bb56b14a94383b8f5d03aeac61466a1647fd8fa8eb55909a38bcfc08b3.exe"
    1⤵
    • Drops file in Program Files directory
    PID:3148

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-540404634-651139247-2967210625-1000\desktop.ini.tmp
    Filesize

    79KB

    MD5

    edbd48743a5e6f6e6da1d6ec8b2e8a90

    SHA1

    287f579f10bb0e0732a78854ef9a2aa52910059c

    SHA256

    ca18848b82c0110f8245e265eb87ee012452ff4b078b73332c9b6db9f5c20f5e

    SHA512

    d81626cc4be68db8556bb54f0324ec922a2aebe864c801ea524883c5e674286a310df8a07eb2d1bddd5287e01bff2ae3e83498110aa9d64b1cb7325c9ebdb62a

    Download Submit
  • C:\Program Files\7-Zip\7-zip.dll.tmp
    Filesize

    178KB

    MD5

    61717a30fd85a367fe15d361ba29830c

    SHA1

    ec53894b6a63897f9be94af41edc1e32c2d20e94

    SHA256

    9efe7144367bb06f27d3897ef97f25dc9944b44b1b537e728c887854f7803c70

    SHA512

    aa83124500330fb649374ae0cbb06b8e0ab3c4d5cad5b3d8400ff1ceb135b610af13a9dd243ea766c7027de6b99144ce6670fd783400a131cfa123e6fab526d9

    Download Submit