Analysis

  • max time kernel
    149s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 04:52

General

  • Target

    fc51b85b1131a48d98c677b8a9da29d78f6d5a71b0b51b829017e0bdb0b29313.exe

  • Size

    92KB

  • MD5

    37376f54b6e7ab0de919ddd482d32bdc

  • SHA1

    6e348d5887a6fe65ff13c7e830bbabf092b97e00

  • SHA256

    fc51b85b1131a48d98c677b8a9da29d78f6d5a71b0b51b829017e0bdb0b29313

  • SHA512

    c225ece1618541771709a7c979a6ffd9131d60fbb114fa6210ceb1ad963ab320b2ebc743fcb8a29fd7e99e56445f8f57c371d7b38e39e79b118afe561a0d2ae7

  • SSDEEP

    1536:W7ZrpApojOPG0PGQJwFJwkpe+eTDPfFpsJOfFpsJCAdCjHKPNR:6rWpcOPxPke+e3fFpsJOfFpsJbgET

Score
9/10

Malware Config

Signatures

  • Renames multiple (3448) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\fc51b85b1131a48d98c677b8a9da29d78f6d5a71b0b51b829017e0bdb0b29313.exe
    "C:\Users\Admin\AppData\Local\Temp\fc51b85b1131a48d98c677b8a9da29d78f6d5a71b0b51b829017e0bdb0b29313.exe"
    • Drops file in Program Files directory
    PID:2376

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\$Recycle.Bin\S-1-5-21-3627615824-4061627003-3019543961-1000\desktop.ini.tmp

          Filesize

          92KB

        • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

          Filesize

          101KB
