General

  • Target

    8a6799399f52cbaa318a30df82e6e01e2386f279b72ed5926de9d3ee36bf5d1e

  • Size

    147KB

  • Sample

    240611-apztgswgkc

  • MD5

    68b92a5f2675d7cf4841568911526701

  • SHA1

    d4a74389f5db270add6c32d699faa7ec02b97701

  • SHA256

    8a6799399f52cbaa318a30df82e6e01e2386f279b72ed5926de9d3ee36bf5d1e

  • SHA512

    dc942599caae7442a03726d190cd55124be104bc34b99ee13be9b51504d33ec9f44eb63f094e02f818f63281a22471fc4b1fa9d3a474e2aa1d7e81fb18534043

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBk:PqFF2Ie+eFVqFF2Ie+eF9

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (4515) files with added filename extension

      This suggests ransomware activity, in which all the files on the system are encrypted.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
