Analysis

  • max time kernel
    150s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-06-2024 23:19

General

  • Target

    709cbcb5256d38c04f08482d540b55a7d471759fce97b6a1d2996712a103d4a2.exe

  • Size

    81KB

  • MD5

    99524f0e97132ebb2d26d6075a609a2c

  • SHA1

    e061e2778578083c0a25af4a5b72cbe35d2cd22c

  • SHA256

    709cbcb5256d38c04f08482d540b55a7d471759fce97b6a1d2996712a103d4a2

  • SHA512

    efc618613af4027e3128a019b748cce812df0d69ce56f4270ffff4949fbd192d49802e72bcee684c1bf9584619e0b55cc9ce57fa62d5fb5de11483f3a4fb225b

  • SSDEEP

    1536:W7ZhA7pApH1d9oVLQthbqbY9oVLQthbq51Rn6b+W+V76uSW:6e7WpP9oVLQthbYY9oVLQthbUvx

Score
9/10

Malware Config

Signatures

  • Renames multiple (3678) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\709cbcb5256d38c04f08482d540b55a7d471759fce97b6a1d2996712a103d4a2.exe
    "C:\Users\Admin\AppData\Local\Temp\709cbcb5256d38c04f08482d540b55a7d471759fce97b6a1d2996712a103d4a2.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2908

Network

MITRE ATT&CK Matrix

Downloads

  • C:\$Recycle.Bin\S-1-5-21-2721934792-624042501-2768869379-1000\desktop.ini.tmp

    Filesize

    82KB

    MD5

    d3991e6dd14b0a95f667c574b43b25ab

    SHA1

    49e1a6dbc898e67ed8d8eaeca70925eea78b7001

    SHA256

    1ac82d7f13f5296b81d3d015eb8011d700461cb25738f1eaa9addfa5e3bc88ec

    SHA512

    2ab7398984ef5ad01292e8687587e8f8f41da080cc1d8d852b68227b0fca1a745e2335ce07501bfd0a289de02c30bff1d273657db8d3f9d9dfe19089b77ec850

  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

    Filesize

    91KB

    MD5

    616bf02200e0d01353edcdc2e35f0593

    SHA1

    a6767426fb6ac7583b83438bcc146e9e2a26f221

    SHA256

    39c59804a4ebd67524dc7ea2233d039db6649ee0aae72d0a64649037a09315dd

    SHA512

    5fa3f22f99c5e01e3bf82f975eaa5f50aad79428500beec12be1ce3c4779cdd9c75479a72d370e6118045948aad8a87ac8992bad148809d572be2ac396e88610