General

  • Target

    0eb2df30e43ff63facf3705edc3ae471980268492f79399e3de5cafc7fe9a028

  • Size

    160KB

  • Sample

    240604-xdfykage89

  • MD5

    9e5acb9b21205d71ae406197fd12c1f8

  • SHA1

    7c55d6260b3c4a2548b7cd3b82043f55d81636e4

  • SHA256

    0eb2df30e43ff63facf3705edc3ae471980268492f79399e3de5cafc7fe9a028

  • SHA512

    29c44f8a0e64afeb2f655e5ffa72b5ae8859df6428fbf7d2f7d4edc0fa193edbbc8fd32bcd417f939f12689a585bd5f1a8138dcbfed7de0f7548f2c84982b864

  • SSDEEP

    3072:6DWpwE7oL2e+efZwZ08i89DWpwE7oL2e+efZwZ08i8e:dN/e+efimJDN/e+efimJj

Score
9/10

Targets

    • Target

      0eb2df30e43ff63facf3705edc3ae471980268492f79399e3de5cafc7fe9a028

    • Renames multiple (4014) files with added filename extension

      This suggests ransomware activity: encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
