General

  • Target

    c08c8084427eb892a3e198ef532cb5acbe1eb6e4d91c0bf79d2ff336755950f6

  • Size

    64KB

  • Sample

    240605-c84b5acb2x

  • MD5

    1d3334cb3786f9f2e49c3977a427537a

  • SHA1

    766fcdaccd6a41e9c62c9edb890240cc84c7caa0

  • SHA256

    c08c8084427eb892a3e198ef532cb5acbe1eb6e4d91c0bf79d2ff336755950f6

  • SHA512

    4eff4f89298b5ffc081a98f17f332178ffff694128cd5ee67d142bb3177eb7d4338b4af1561b18ecc517bbf0319f5b7a955a927de91fb864b7a378dadf63df85

  • SSDEEP

    384:GBt7Br5xjL9AgA71FbhvuNBNQFcgBt7Br5xjL9AgA71FbhvuNBNQFSn:W7BlpppARFbhHFcs7BlpppARFbhHFSn

Score
9/10

Targets

    • Target

      c08c8084427eb892a3e198ef532cb5acbe1eb6e4d91c0bf79d2ff336755950f6

    • Renames multiple (199) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
