General

  • Target

    031cbfb225a965be310cbce258beb2211548e4da2c5c9a424a0bbdd46a65b71b

  • Size

    144KB

  • Sample

    240528-wrqjgsee3z

  • MD5

    0d0f0aa067a9ae5b41b6cf543147693e

  • SHA1

    07eace5bc7b73e0cb7b429dd688083c6b8b766b1

  • SHA256

    031cbfb225a965be310cbce258beb2211548e4da2c5c9a424a0bbdd46a65b71b

  • SHA512

    ac1bf1f1c18db94d84065543947d6e0b594f24d6f052a86ec42ea9040c3868b97e2e236a76b8ccf34a9f5fab6909fb7e681b724f51df2b39d8d5ca1020458c82

  • SSDEEP

    3072:6e7WpP9oVLQthbYY9oVLQthbUvVe7WpP9oVLQthbYY9oVLQthbUvr:RqAIqAT

Score
9/10

Targets

    • Target

      031cbfb225a965be310cbce258beb2211548e4da2c5c9a424a0bbdd46a65b71b

    • Size

      144KB

    Score
    9/10
    • Renames multiple (886) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
