General

  • Target

    cc6ff280b0bf781112f09cb89b324be9e3e2ce5cb8f73a57ec898b2ac8dc0e7a

  • Size

    192KB

  • Sample

    240606-g5n59abc58

  • MD5

    c0f97698215afaabbb5afca1462a4e2f

  • SHA1

    0430b081cc02752c00fce33e3d57009642eb22e5

  • SHA256

    cc6ff280b0bf781112f09cb89b324be9e3e2ce5cb8f73a57ec898b2ac8dc0e7a

  • SHA512

    4540391f6c8bae5dcf669e1f41777e7ce3c84862478efd10d240fb4ad5ff5d24e87cb3972bfb6a6baa5dcc1282a25d76bed0f0cf2392bc72ac3c420fc6cfdc07

  • SSDEEP

    3072:6e7WpP9oVLQthbYY9oVLQthbUv1keme7WpP9oVLQthbYY9oVLQthbUv1kez:RqAtkeFqAtkez

Score
9/10

Targets

    • Renames multiple (5485) files with added filename extension

      This suggests ransomware activity, i.e. encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
