Analysis

  • max time kernel: 150s
  • max time network: 121s
  • platform: windows7_x64
  • resource: win7-20240221-en
  • resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted: 01/06/2024, 20:05

General

  • Target: 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe
  • Size: 81KB
  • MD5: 2106eedc6b545e7032704eb9f0985082
  • SHA1: 52575bf2f84f5f63099105a50ce7a06955cdf367
  • SHA256: 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149
  • SHA512: bfd61d5abce899f968469b56b9460daacd1bfc41e8616ec58e3ca4e184a5af90ad6b294dcb647381809476b20a0654d6d1b4cb60e232a4b2acfae7c29cb7d4b1
  • SSDEEP: 1536:W7ZhA7pApvOsOKjC0YSilpFpfkJOM2kJOMIsKsc696EB:6e7WpXYvndEB

Score
9/10

Malware Config

Signatures

  • Renames multiple (3505) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe"
    PID: 1880
    • Drops file in Program Files directory

Network

        Downloads

        • C:\$Recycle.Bin\S-1-5-21-2297530677-1229052932-2803917579-1000\desktop.ini.tmp
          Filesize: 81KB
          MD5: 2e675dbe4960175560443cd756638281
          SHA1: 23f55902bcb493e0fa4d13833e1d0038b6aa721b
          SHA256: 6f17f709ecf9779af5ed15a997c545ba242cc130f1ab29d1682a87899215519e
          SHA512: a488624a4e98881bf450c30939a4d21f231426bac8795b0e76741f8853484c8827119fad01067220eacc23ea1317d0aa62ee19aec0da239b1960cbb970abdd5b

        • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
          Filesize: 90KB
          MD5: 032bf8161918ec30b9656196ca73e17d
          SHA1: 009d47466f14eda19f758dbb401768e598ea6b16
          SHA256: f75cd40ae1215f098bea596bfbd2765448a2c0997513aad1c57e0394381ba525
          SHA512: 13ea4236a9d09c57f21278e39efe9a0c16d001a43705030a7c3f335359c34996f4650dad1af5f483acf974112fa5407621dde795b7183eeda4bab17fe6ab02d8