Analysis

  • max time kernel
    149s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-06-2024 23:52

General

  • Target

    7d2fe351521a1294e754a1732e24b7038266c741f5f9c433462c5c5d0271ec41.exe

  • Size

    51KB

  • MD5

    880bb22be5ca5146b402ffecf07df8b7

  • SHA1

    727cf903f584aea9fe59be8b60a7a00367251011

  • SHA256

    7d2fe351521a1294e754a1732e24b7038266c741f5f9c433462c5c5d0271ec41

  • SHA512

    8c99fdd0626e3e79c580602ae3dc223822ab2d84de9fc885a5b0680b91cc9a7fe34a3431fc5da2e0c3a8c29244cb3742c5b8b2cefa77633c3d891e6150a4f356

  • SSDEEP

    768:W7BlpppARFbhWJQi3I1krJwYSoVaEI1krJwYSoVaX:W7ZppApHiYRoVa3RoVaX

Score
9/10

Malware Config

Signatures

  • Renames multiple (3790) files with added filename extension

    Mass renaming that appends a new extension to each file's original name is consistent with ransomware encrypting files across the system.

  • Drops file in Program Files directory (64 IoCs)
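The first signature above is a behavioural pattern a practitioner can reproduce over their own telemetry. The following is an added example, not code from the sandbox or from the sample's report: it parses constructed rename events (the "<pid> RENAME <old> -> <new>" line format and the paths are assumptions for illustration, not the report's own schema), counts how many files each process renamed by appending one fixed extension, and reports processes over a threshold. A rename that replaces the extension (setup.tmp to setup.exe) or moves the file elsewhere is deliberately not counted, so ordinary installer or backup activity does not trip it.

```python
# Added example (not from the sandbox report or the sample itself): a small
# detector for the "renames many files with an added extension" behaviour.
# The event line format, the sample log and the paths below are constructed
# for illustration; real sandbox/EDR exports use their own schema.
import re
from collections import Counter
from pathlib import PureWindowsPath

# Hypothetical event format: "<pid> RENAME <old path> -> <new path>"
EVENT_RE = re.compile(r"^(?P<pid>\d+)\s+RENAME\s+(?P<src>.+?)\s+->\s+(?P<dst>.+)$")

# Constructed sample events. PID 3032 behaves like the signature describes;
# PID 1234 renames files too, but not by appending one fixed extension.
SAMPLE_LOG = r"""
3032 RENAME C:\Users\Admin\Documents\report.docx -> C:\Users\Admin\Documents\report.docx.locked
3032 RENAME C:\Users\Admin\Pictures\photo.jpg -> C:\Users\Admin\Pictures\photo.jpg.locked
3032 RENAME C:\Program Files\App\readme.txt -> C:\Program Files\App\readme.txt.locked
3032 RENAME C:\Users\Admin\Music\song.mp3 -> C:\Users\Admin\Music\song.mp3.locked
1234 RENAME C:\Users\Admin\Downloads\setup.tmp -> C:\Users\Admin\Downloads\setup.exe
1234 RENAME C:\Users\Admin\Documents\notes.txt -> C:\Users\Admin\Documents\notes.txt.bak
1234 RENAME C:\Users\Admin\Documents\old.txt -> C:\Users\Admin\Archive\old.txt.bak
"""


def added_extension(src: str, dst: str):
    """Return the extension appended to the file name when a rename keeps the
    original name (and directory) intact and only adds '.<ext>', else None.
    'a.txt -> a.txt.locked' qualifies; 'a.tmp -> a.exe' (extension replaced)
    and moves to another directory do not."""
    s, d = PureWindowsPath(src), PureWindowsPath(dst)
    if s.parent != d.parent or not d.name.startswith(s.name + "."):
        return None
    ext = d.name[len(s.name) + 1:]
    # exactly one appended component, e.g. 'locked', not 'a.b' or ''
    if not ext or "." in ext:
        return None
    return ext


def scan(log: str, threshold: int = 3):
    """Count renames per (pid, added extension) and return the pairs at or
    above the threshold as (pid, ext, count), highest count first."""
    counts = Counter()
    for line in log.splitlines():
        m = EVENT_RE.match(line.strip())
        if not m:
            continue  # ignore blank lines and events in another format
        ext = added_extension(m["src"], m["dst"])
        if ext is not None:
            counts[(m["pid"], ext)] += 1
    hits = [(pid, ext, n) for (pid, ext), n in counts.items() if n >= threshold]
    return sorted(hits, key=lambda h: (-h[2], h[0], h[1]))


if __name__ == "__main__":
    for pid, ext, n in scan(SAMPLE_LOG):
        print(f"pid {pid}: {n} files renamed with added extension .{ext}")
```

The threshold of 3 is only a placeholder for the sample; in production it should be tuned per environment and combined with a time window, since the signature in the report fires on thousands of renames within the sandbox's two-minute run.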

Processes

  • C:\Users\Admin\AppData\Local\Temp\7d2fe351521a1294e754a1732e24b7038266c741f5f9c433462c5c5d0271ec41.exe
    "C:\Users\Admin\AppData\Local\Temp\7d2fe351521a1294e754a1732e24b7038266c741f5f9c433462c5c5d0271ec41.exe"
    1⤵
    • Drops file in Program Files directory
    PID:3032

Network

MITRE ATT&CK Matrix

Downloads

  • C:\$Recycle.Bin\S-1-5-21-2721934792-624042501-2768869379-1000\desktop.ini.tmp

    Filesize

    51KB

    MD5

    cfb70b5bbbf15db464588baaccdfc47d

    SHA1

    cc6a96e06a13180913327471aeec753308c560c4

    SHA256

    15c35faf2b4f72b06bc0a8947dc910001e6bc8d344c890dc4301fafca6c02f08

    SHA512

    253415f60b31fdbee550796a3f018360b0702ba4a415deb047027dea19a0c8712b1151e787afd71d678a9edf26a08d754deee7b1f0e38618d66bebb7da05e5a0

  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

    Filesize

    60KB

    MD5

    efad9211f947003aa2e8c51be80c9804

    SHA1

    989e0730bed768fe1ee622851cabec7ade1efa7d

    SHA256

    8a1331ed8930d5f36da969207827aa682d4918142d04264f1c46ec59288f88e7

    SHA512

    481ae556b122a5ce2e0eb0abd4ad9a73b14741e130db2faec00901b8b0d88c89837f778b770294132a2a8d51a7ca3c5a86c439fa135d2d38d6423bb20c364b6e