General

  • Target

    c02b0b738df8838cf38ad2bd4f174a8d50865cf24e39366262dad113cc39aafd

  • Size

    195KB

  • Sample

    240615-b3ldpayckr

  • MD5

    4a627fae040d191e6d22567495b59fbb

  • SHA1

    dd5dddb8e199e6f193f9c2f1713fb1119d02cd9b

  • SHA256

    c02b0b738df8838cf38ad2bd4f174a8d50865cf24e39366262dad113cc39aafd

  • SHA512

    edae33cb00a2bd9aa5ddae2b274ed1c326c072bc57a8fe4c35f8ebebd054d013599eef0b0a5337c25fbeb5cc82ce0b2747d5a3aea37535aedb6c94669517c330

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEtrWpcOPxPke+e3fFpsJOfFpsJbgED:tFPxPke+eIUFPxPke+eID

Score
9/10

Targets

    • Renames multiple (4507) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
