Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    11-06-2024 00:01

General

  • Target

    808538fc842810d1502a81ea1f10bede35ebcb4929a60805747b9a4e59028fda.exe

  • Size

    92KB

  • MD5

    c53e86a0cc43377f5714997938682731

  • SHA1

    f7b487761860ec5e7f95c07da93c2a9b2f28fbf9

  • SHA256

    808538fc842810d1502a81ea1f10bede35ebcb4929a60805747b9a4e59028fda

  • SHA512

    5d817b3836c0d135b89866f5ace5b0d0bb3d978bc191e45962895020504b537a81aaea8a2eea6b5151e67266a04906d36901ca4bd1b2f3dc1b6b5ca2a8dba796

  • SSDEEP

    1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/0VXaqvx:6e7WpMaxeb0CYJ97lEYNR73e+eKZ0VXN

Score
9/10

Malware Config

Signatures

  • Renames multiple (5199) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\808538fc842810d1502a81ea1f10bede35ebcb4929a60805747b9a4e59028fda.exe
    "C:\Users\Admin\AppData\Local\Temp\808538fc842810d1502a81ea1f10bede35ebcb4929a60805747b9a4e59028fda.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2968

Network

MITRE ATT&CK Matrix

Downloads

  • C:\$Recycle.Bin\S-1-5-21-3558294865-3673844354-2255444939-1000\desktop.ini.tmp

    Filesize

    93KB

    MD5

    0e10837f95e58891ae1be9fa7cb10d72

    SHA1

    4a36d90a284769c4f7fe307d3836e41070b1b11c

    SHA256

    0673440acee7dc27b73df06a7375206d0078de5ecef20da3fec2be21b5077efa

    SHA512

    ef5202bc347690d0ec03afadc97d9f2bb4c9fb7675b598a7aa5105a4a86ef6d174c681ccb85125f5508109d92a177f495c775c4906f84ab17764a2b45e45812a

  • C:\Program Files\7-Zip\7-zip.dll.tmp

    Filesize

    191KB

    MD5

    c325fbfd67be18304da63453643b10f7

    SHA1

    0b44886071b3260830f97bd34a295bc57106962f

    SHA256

    2fac32cf82c0b0af903e87280979a387b9c971b407ccc775cc382a0a6086c678

    SHA512

    3e6e730f41d0e58533bb9dd6b94ea2baa2c5115d860d0dfc0251da1831d9e5fbbfe0878f937834730fd79d15d55436c1570ff46cbc5965477a9ef65e780412a9