General

  • Target

    bebb9d6fcd11752c22c98e98fbb9ad55136e8a4ec4791d81bcf71fd52ff23add

  • Size

    164KB

  • Sample

    240527-cnb25scf61

  • MD5

    504c9301022369da88568df8b855f96f

  • SHA1

    d539bc4dfb0aa33d3bf8446c64968b1f25467f0f

  • SHA256

    bebb9d6fcd11752c22c98e98fbb9ad55136e8a4ec4791d81bcf71fd52ff23add

  • SHA512

    4a0c0f5ca92f2e72cdef9c5836b1da5b5ec995f207a7eb21f368356cc6f64e48407c8661e1161861f8ec74aaedff8e5fb534bdc94b5cd66740bc832f35bfb01b

  • SSDEEP

    3072:6DWpwE7oL2e+e/l4+u+aDWpwE7oL2e+e/l4+u+2:dN/e+eu+u+9N/e+eu+u+2

Score
9/10

Targets

    • Renames multiple (4026) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
