General

  • Target

    41b9006ca61420b2c152a95d50a2cdf768fccf82f8d46f2ec24fe175fc8746d1

  • Size

    174KB

  • Sample

    240525-zq94aaaf36

  • MD5

    086e85ec802bbec0b84c30a6e9d8a806

  • SHA1

    506ae3be4b6d7ce0bd9c8fb0a62a70254b2ebe10

  • SHA256

    41b9006ca61420b2c152a95d50a2cdf768fccf82f8d46f2ec24fe175fc8746d1

  • SHA512

    b5ae95a30d71e70e0733e550b754e15a6bb42db03961c29a1554b2afe6554b26c3b350f4f7b8874ab147acf3f1ca38a5a6ccfb48c61bb053677cedf14f30c939

  • SSDEEP

    3072:6e7WpP9oVLQthbYY9oVLQthbUv1kUe7WpP9oVLQthbYY9oVLQthbUv1kO:RqAtkfqAtkO

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (3542) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
