Analysis

  • max time kernel
    150s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    26-05-2024 03:41

General

  • Target

    d9d6a1b0959a8a8bbab0d8fc59b1639b12b82d37a316bd8588005cb63d5b9628.exe

  • Size

    127KB

  • MD5

    5e988b1b46385bf5db116c2ad53cb6c6

  • SHA1

    f9ab2c5059e443dd5b2804a4afc7eb5d811c4f7a

  • SHA256

    d9d6a1b0959a8a8bbab0d8fc59b1639b12b82d37a316bd8588005cb63d5b9628

  • SHA512

    0f298b2de531193792692c91f3e1decfffe768846d545fee6f4799da61f210239a0ecb3b70a7d60835b9828525af78e6208b484868f9b24851836e2151c1f3ff

  • SSDEEP

    3072:6e7WpHIyRF9ESWu0SWuDmhSauvEKxVTLJtxoVz8FUDrYYaCusjdEKxVTLJtxoVzE:RqlIyFESWu0SWuGSwxn

Score
9/10

Malware Config

Signatures

  • Renames multiple (4870) files with added filename extension

    This suggests ransomware activity: encrypting all the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\d9d6a1b0959a8a8bbab0d8fc59b1639b12b82d37a316bd8588005cb63d5b9628.exe
    "C:\Users\Admin\AppData\Local\Temp\d9d6a1b0959a8a8bbab0d8fc59b1639b12b82d37a316bd8588005cb63d5b9628.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2124
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4036,i,10373433614523925616,13586256558317053467,262144 --variations-seed-version --mojo-platform-channel-handle=4196 /prefetch:8
    1⤵
    PID:4436

Network

MITRE ATT&CK Matrix

Downloads

    • C:\$Recycle.Bin\S-1-5-21-1181767204-2009306918-3718769404-1000\desktop.ini.tmp

      Filesize

      127KB

      MD5

      eed533cc7ce83adfe00f2b351253c0d1

      SHA1

      140c441561e032a849ad0c6eb058da2fdf99a05c

      SHA256

      91bfdd964c757888b98d5040238d19ad68ac6feec185c31b680323b0c4823148

      SHA512

      fef222a54d48f2b9095668718199772235b76f0f1781cb74496ccb311cbcea6a1500fa677db1f4d1580d7c7356b257219ea49d954c62fb63900d3d668fc060ba

    • C:\Program Files\7-Zip\7-zip.chm.exe

      Filesize

      240KB

      MD5

      990ae24efc00ae704f6ce09eba7dac29

      SHA1

      370abc623a97411016ba138e7c498d0b228b7119

      SHA256

      f5ae138ff12ba3481d477eec0a7d2ef4ca48833026f8ceb1ed62d7f832629b2b

      SHA512

      c6f88a6ed8467758c5934698a23aa717a3a99df4f841f141c74cf33a3a9252ebfa44797e5a1ef331d004bedea8987a806161b3a16a4ad9a52e884f381a5f0c74