General

  • Target

    749fa5b4484deea50b7ce8d05bf8558b55df0b4661a183fd3d1a7ef7080b5dd4

  • Size

    196KB

  • Sample

    240614-2pfjdsyhkh

  • MD5

    91760996aec14eaf9c4f5f14e5a88296

  • SHA1

    2da6ffd92aa03d015b5ac0a3f38e202553e71595

  • SHA256

    749fa5b4484deea50b7ce8d05bf8558b55df0b4661a183fd3d1a7ef7080b5dd4

  • SHA512

    8ec1fa2675d111c51303f3b080b71708d191a08ef306c077a9c3b1e742b4f9be5f8a1d52f17f72fe3b509839253d807b43d8347433008a30f6066dc0ff978fcb

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBF:PqFF2Ie+effyzqFF2Ie+effyu

Score
9/10

Targets

    • Renames multiple (3963) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
