Analysis

  • max time kernel
    141s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    10-06-2024 00:21

General

  • Target

    VirusShare_5ca4a80f1687c5fe0519da974567b374.exe

  • Size

    161KB

  • MD5

    5ca4a80f1687c5fe0519da974567b374

  • SHA1

    ade5793052ae0b983eeb00564459618a67747fcc

  • SHA256

    8842974b86c6101a5bbb18dc16dea293e4eb7a9656dbee241ecce7a677d2cdfc

  • SHA512

    ff457c8e7a2f4dcbecf7f6dac50c18ddca99b3116ebcc80f0bf60335219bce597c7679fde1ec6141d664a5cef1a5e1494c9d3e76d7ae4002e765ec2210412d5b

  • SSDEEP

    3072:6kG5EochEls8Mn4YOZS6CuJlt8RBlHAMPyO5GNkzQWjF3zeBzd3An1YgCQSPH96U:CvchcsDny46CNBOEyO0aQ43zeBzJAn3x

Score
10/10

Malware Config

Signatures

  • Locky

    Ransomware strain released in 2016, with advanced features like anti-analysis.

Processes

  • C:\Users\Admin\AppData\Local\Temp\VirusShare_5ca4a80f1687c5fe0519da974567b374.exe
    "C:\Users\Admin\AppData\Local\Temp\VirusShare_5ca4a80f1687c5fe0519da974567b374.exe"
    1⤵
      PID:2308

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2308-1-0x0000000000400000-0x000000000042D000-memory.dmp

      Filesize

      180KB

    • memory/2308-0-0x0000000000412000-0x0000000000414000-memory.dmp

      Filesize

      8KB

    • memory/2308-2-0x0000000000400000-0x000000000042D000-memory.dmp

      Filesize

      180KB

    • memory/2308-4-0x0000000000400000-0x000000000042D000-memory.dmp

      Filesize

      180KB

    • memory/2308-7-0x0000000000400000-0x000000000042D000-memory.dmp

      Filesize

      180KB

    • memory/2308-9-0x0000000000400000-0x000000000042D000-memory.dmp

      Filesize

      180KB

    • memory/2308-14-0x0000000000400000-0x000000000042D000-memory.dmp

      Filesize

      180KB

    • memory/2308-16-0x0000000000400000-0x000000000042D000-memory.dmp

      Filesize

      180KB