Analysis

  • max time kernel: 150s
  • max time network: 122s
  • platform: windows7_x64
  • resource: win7-20240221-en
  • resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted: 11-06-2024 01:29

General

  • Target: a558a4ae5122e5a522a373a4f18fa8bee2c9491ee8259d19d1f119f0ff3f8b11.exe
  • Size: 77KB
  • MD5: d8b97b318f9aa1bd5205d796903b0e47
  • SHA1: 634c0bd06f42f46bc878da592a06cfae328c2784
  • SHA256: a558a4ae5122e5a522a373a4f18fa8bee2c9491ee8259d19d1f119f0ff3f8b11
  • SHA512: e18a10ddabc3f759486270a36f2b379544fd0855dd2fcb8474185ea31ad013fddb70aef124b532113c4ae2ca06131b7687bf8e7c72e562b648753db76bbbb590
  • SSDEEP: 1536:W7ZDpApYbWjIlE77ufL2e+efZwZ2Zja0tKmmjvja0tKmmjc:6DWpwE7oL2e+efZwZt

Score
9/10

Malware Config

Signatures

  • Renames multiple (595) files with added filename extension

    This suggests ransomware activity: the sample is encrypting files across the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\a558a4ae5122e5a522a373a4f18fa8bee2c9491ee8259d19d1f119f0ff3f8b11.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\a558a4ae5122e5a522a373a4f18fa8bee2c9491ee8259d19d1f119f0ff3f8b11.exe"
    Process 1
    • Drops file in Program Files directory
    PID: 1688

Network

MITRE ATT&CK Matrix

Downloads

  • C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp
    Filesize: 77KB
    MD5: 5f7ccd53a19fea9b33de2e45842c4355
    SHA1: 933845445d8740418cb0548009c3e17190dce3da
    SHA256: cf447358b0f93bd9cf82af15741d66fde7c2036710d376e36ed4a81043243525
    SHA512: b09810ba222f146ea7bd7a87e745f9f0becb902a092f08d3f599083274e2c1070db6070e2cf0777c83c8e1139f7e9765740c595e9aa8d9bef7de27f8df2c23dc

  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
    Filesize: 86KB
    MD5: 8f75e867db61fc4cf8ee83b5475a09b6
    SHA1: db819831b5583ea6b9df0d4e634ac2ac653b1013
    SHA256: 166e19ef14fa76bced728de79a55a25c58de997b2bd4f7e715d7c09184b23afc
    SHA512: 0abeaa25b3f3479f3ebc51c87197dd7ad87a0b638896b8f03c0014f18601a4c0b7baa5c262b61597f48277beb259b63a50bf6710735e3fb574458e6a5c023203