General

  • Target

    0cd2215c8cf4d97bbb2fff9361a1213eddf08fb14def67cd1d897ad36e1b145e

  • Size

    527KB

  • Sample

    240601-w8seeabc71

  • MD5

    5cf718014aecabce8d9d517b48e48a8e

  • SHA1

    5b7915f55e1a380c7c23c18de235bf726247419b

  • SHA256

    0cd2215c8cf4d97bbb2fff9361a1213eddf08fb14def67cd1d897ad36e1b145e

  • SHA512

    eaa56d5cfdf94b574643a1f4a57e92175883a61ed0b064e3fb02a18288099d2974ba60bd3e7c3888e2fcb98050e65233a4fc914d260a3a46a5fa2e7388db6b9f

  • SSDEEP

    6144:RqAYoAnjyDdU1sL8Lsw9g09Bp0cV07nNoTWwanx:/y+mm8YwBm7fnx

Score
10/10

Targets

    • Target

      0cd2215c8cf4d97bbb2fff9361a1213eddf08fb14def67cd1d897ad36e1b145e

    • Size

      527KB

    Score
    9/10
    • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features

    • Renames multiple (3454) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
