Overview

overview

9

Static

static

3

5ce48503ab...bf.exe

windows7-x64

9

5ce48503ab...bf.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    05/06/2024, 23:22

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    5ce48503ab5666f05a409d4e2a874d9bbdac4e469220a7388644a3e724400ebf.exe

  • Size

    73KB

  • MD5

    02c95b20a1f40d9a538b516a23388e74

  • SHA1

    bc2304f45b5f0095cde8d2cc1395cb77fa0c6e12

  • SHA256

    5ce48503ab5666f05a409d4e2a874d9bbdac4e469220a7388644a3e724400ebf

  • SHA512

    fd9f0f316124269a869e29f468b3863b9653fd0a5421177bd41153c8283dfa599c935ce126e37d313ad1253f19edfdc1c8776a20af1c29098a49c864edb6b6b3

  • SSDEEP

    1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/HfFpsJOfFpsJp:6e7WpMaxeb0CYJ97lEYNR73e+eKZHfFg

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (3466) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5ce48503ab5666f05a409d4e2a874d9bbdac4e469220a7388644a3e724400ebf.exe
    "C:\Users\Admin\AppData\Local\Temp\5ce48503ab5666f05a409d4e2a874d9bbdac4e469220a7388644a3e724400ebf.exe"
    1⤵
    • Drops file in Program Files directory
    PID:1304

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\$Recycle.Bin\S-1-5-21-2248906074-2862704502-246302768-1000\desktop.ini.tmp
          Filesize

          74KB

          MD5

          15e5c7163a28594ae8f1ad6cdb768913

          SHA1

          c899efa81d4e49f57094073d23c5d2e4728d22da

          SHA256

          b8f3f288f966fee8aef1e09dde04192cc0e1bdbe0a294b60ff295ab1a9099a3d

          SHA512

          ac914d48fc2b4adc06823b4c08c378782a84886d969afd9e1fa1c75247c223a32126452e757a8aeb3d6da58162a719e921340cd4831d309c5f2aad1c199cfd9b

          Download Submit

        • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
          Filesize

          82KB

          MD5

          2a349f60ef64280df91234ab423881c4

          SHA1

          6a55aaa68efd6b9682e282e11cb64433b47406e2

          SHA256

          783d34990078ad71ad11dc99464f45f84a4416f38c16cf840c9f135d55618d69

          SHA512

          e10db6376b69d4cf727d3d905e7fb960aed67e0e6f216e09e6490b4673d3243b2169d32ce7aa813c4e09732d1881234a7484921b0ae068131f5a306368cc1a2d

          Download Submit