Analysis

  • max time kernel: 148s
  • max time network: 122s
  • platform: windows10-2004_x64
  • resource: win10v2004-20240508-en
  • resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted: 08/06/2024, 01:19

General

  • Target: 19f4731843983ba98198f774107abd70.exe
  • Size: 82KB
  • MD5: 19f4731843983ba98198f774107abd70
  • SHA1: 121ef84b922900ff987e2a9a89da1783342c2d5b
  • SHA256: cbb640aa74eaba4cb8acfdf24e56ea72def4778225c778b826a64c82d17b28ce
  • SHA512: 3311e5e2865285918d7826132a0de4f0169bebe75cf3ef5b083d2a2385a1d438bf87bb3a02d360c2edcde2673ac125ae574ea6851455350ad8f177ad261f0517
  • SSDEEP: 1536:W7ZhA7pApH1d9oVLQthbqbY9oVLQthbq51Rn6wt7t2rt303hHUsG:6e7WpP9oVLQthbYY9oVLQthbUrt7t2rB

Score
9/10

Malware Config

Signatures

  • Renames multiple (5130) files with added filename extension

    This suggests ransomware activity: encrypting all the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\19f4731843983ba98198f774107abd70.exe (PID 5052)
    Command line: "C:\Users\Admin\AppData\Local\Temp\19f4731843983ba98198f774107abd70.exe"
    • Drops file in Program Files directory

Network

Downloads

  • C:\$Recycle.Bin\S-1-5-21-1337824034-2731376981-3755436523-1000\desktop.ini.tmp
    Filesize: 82KB
    MD5: 1358db61226453979deb1935724b6e32
    SHA1: a1ab6c849ca2f7dba00a8b10c0a5806727a8d8f2
    SHA256: 7c10c959a01f9de0027755f630ca6d3be802485e42f9694ab69c53e18a7044ba
    SHA512: e281b363e5b7dd94b8ca04360d186523889b5ecb28bdb0a211f0649e2496baf87891957f4beb2a424275202f67cbc813d997ac78379d6beb8d01f3499bb6df36

  • C:\Program Files\7-Zip\7-zip.dll.tmp
    Filesize: 181KB
    MD5: 105145d3808da7351115b75ea19b455c
    SHA1: d5536330d7a212f1e8c004d82a4d62c1a92dec26
    SHA256: 6251c5459563bc4cbf24af860279c09248d06956156599a11d187c9e9b625db7
    SHA512: 5930c398a29d161912b91ce7f7238becbcccad8b1f92e34f457ec87cdff371a5ca3cb36746b9a281cdc8fe26b42b24321e365625037dcbff871b90a0e8818a63