Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    10-06-2024 23:31

General

  • Target

    7508f15d6df21966effb3201d7b378b71a4c3b1e4bd3bee082e0977fb876e813.exe

  • Size

    99KB

  • MD5

    b1d6dc3a60c0d843c9be05264407d3c5

  • SHA1

    fb34e5ea303620dad146d35babe692ff2f98875d

  • SHA256

    7508f15d6df21966effb3201d7b378b71a4c3b1e4bd3bee082e0977fb876e813

  • SHA512

    8897da3514d1a8543e4e9f017e2ce99c571ce7e1304aa0776068efa8e53595b677abe4aacde9ef235c91067bd07d822677cabbaccdf232ebde33bf8242e7ea4e

  • SSDEEP

    1536:W7ZrpApojOPG0PGQJwFJwkpe+eTDPfFpsJOfFpsJCAdCjHKPYX:6rWpcOPxPke+e3fFpsJOfFpsJbgES

Score
9/10

Malware Config

Signatures

  • Renames multiple (5026) files with added filename extension

    This suggests ransomware activity: encrypting all the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\7508f15d6df21966effb3201d7b378b71a4c3b1e4bd3bee082e0977fb876e813.exe
    "C:\Users\Admin\AppData\Local\Temp\7508f15d6df21966effb3201d7b378b71a4c3b1e4bd3bee082e0977fb876e813.exe"
    1⤵
    • Drops file in Program Files directory
    PID:3312

Network

MITRE ATT&CK Matrix

Downloads

  • C:\$Recycle.Bin\S-1-5-21-3906287020-2915474608-1755617787-1000\desktop.ini.tmp

    Filesize

    99KB

    MD5

    fb123d6f32bc2f45a918a40a9514ff69

    SHA1

    e108b015e6ddd9eeaa18769c670be24ee2789f2a

    SHA256

    67e174b2e5eea87effc30b6f97f4d0b0bbea63baebc75a6ce46517d47a01ec71

    SHA512

    8be4b270f469b796925693176302b217ee250c772eac7789cab590c1da01d2b371e3cf86a6576044907ae5fd1d008f2ab87943fef9304224dd17e98d38b88215

  • C:\Program Files\7-Zip\7-zip.dll.tmp

    Filesize

    198KB

    MD5

    19559f830636034a515185d9afe20cff

    SHA1

    353006caf5c442ebe9cca7c24cf229eaef7ba05d

    SHA256

    4ce7405f9cf0462d900bc2aefdf4b3dc1e7ab4092904547f10d0df9fce76a6ce

    SHA512

    010e8281028e0ccefaa4cd83fbc978b73696762fc30162eef0c98dfe8796d78bfb4109b5a28b524e82a892f0105ab6d5989bb6a762fa86037a663158c7f0459c