General

  • Target

    e57ea41879ca10d517cb69bc29f60fd4ab05a1b1fa4d3a1a8943a2f890d237cd

  • Size

    191KB

  • Sample

    240528-h3zdwabh23

  • MD5

    15c6d87b659bfb5250dc7213ebd3f09a

  • SHA1

    9cd4cae9265d0e68f88c322aaa3ef0d452eccbd9

  • SHA256

    e57ea41879ca10d517cb69bc29f60fd4ab05a1b1fa4d3a1a8943a2f890d237cd

  • SHA512

    238228472fb37870bc64ccdf1eca67ff921dc52b22d6b0222478c5dfa5638e0f29e33921252c01d40f864895132e456163b7e54fdf288bdcb752bcc3dbb7ad9a

  • SSDEEP

    3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZsC8e7WpMaxeb0CYJ97lEYNR73e+eKZsCz:RqKvb0CYJ973e+eKZtqKvb0CYJ973e+L

Score
9/10

Targets

    • Renames multiple (4107) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
