Overview
overview
10Static
static
7bc41543926...18.zip
windows7-x64
1Documents/...er.exe
windows7-x64
10Documents/...ll.exe
windows7-x64
9Documents/...aw.exe
windows7-x64
10Documents/...ky.exe
windows7-x64
10Documents/...31.exe
windows7-x64
1Documents/...3 .exe
windows7-x64
7Documents/...d9.dll
windows7-x64
10Documents/...63b.gz
windows7-x64
3Documents/...bin.gz
windows7-x64
3Documents/...097.gz
windows7-x64
3fe2e5d0543...L9.rtf
windows7-x64
4Documents/...uy.hta
windows7-x64
10Documents/...st.exe
windows7-x64
7Documents/...39.exe
windows7-x64
6Documents/...5c.exe
windows7-x64
6Documents/...00.exe
windows7-x64
7out.exe
windows7-x64
3Documents/...16.zip
windows7-x64
1Supplement...16.scr
windows7-x64
3Documents/...ZSFwgb
windows7-x64
1Documents/...96.exe
windows7-x64
Documents/...ed.exe
windows7-x64
Documents/...70.exe
windows7-x64
9Documents/...67.exe
windows7-x64
10Documents/...56.exe
windows7-x64
10Documents/...ab.exe
windows7-x64
8Documents/...3a.exe
windows7-x64
8Documents/...73.exe
windows7-x64
8Documents/...ry.zip
windows7-x64
1ed01ebfbc9...aa.exe
windows7-x64
10Documents/...aa.exe
windows7-x64
10Resubmissions
22-08-2024 18:43
240822-xc563asamh 1021-08-2024 17:16
240821-vtjnaathnq 1030-06-2024 00:59
240630-bcjr6svbkk 1020-06-2024 02:02
240620-cf43ysxbnk 1020-06-2024 01:44
240620-b5v1xawemk 1019-06-2024 01:10
240619-bjmseavfmp 1018-06-2024 20:40
240618-zfwsxawdpa 1018-06-2024 13:45
240618-q2vcjawdle 10Analysis
-
max time kernel
122s -
max time network
128s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system -
submitted
18-06-2024 20:40
Behavioral task
behavioral1
Sample
bc41543926dda3762ae39e35aba7a813_JaffaCakes118.zip
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Documents/Ransomware.Cerber/cerber.exe
Resource
win7-20231129-en
Behavioral task
behavioral3
Sample
Documents/Ransomware.Cryptowall/cryptowall.exe
Resource
win7-20240611-en
Behavioral task
behavioral4
Sample
Documents/Ransomware.Jigsaw/jigsaw.exe
Resource
win7-20240221-en
Behavioral task
behavioral5
Sample
Documents/Ransomware.Locky/Locky.exe
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
Documents/Ransomware.Mamba/131.exe
Resource
win7-20240419-en
Behavioral task
behavioral7
Sample
Documents/Ransomware.Matsnu/Matsnu-MBRwipingRansomware_1B2D2A4B97C7C2727D571BBF9376F54F_Inkasso Rechnung vom 27.05.2013 .exe
Resource
win7-20240611-en
Behavioral task
behavioral8
Sample
Documents/Ransomware.Petrwrap/Ransomware.Petrwrap/027cc450ef5f8c5f653329641ec1fed9.dll
Resource
win7-20240508-en
Behavioral task
behavioral9
Sample
Documents/Ransomware.Petrwrap/Ransomware.Petrwrap/027cc450ef5f8c5f653329641ec1fed91f694e0d229928963b.gz
Resource
win7-20240508-en
Behavioral task
behavioral10
Sample
Documents/Ransomware.Petrwrap/Ransomware.Petrwrap/ee29b9c01318a1e23836b949942db14d4811246fdae2f41df9f0dcd922c63bc6.bin.gz
Resource
win7-20240611-en
Behavioral task
behavioral11
Sample
Documents/Ransomware.Petrwrap/Ransomware.Petrwrap/fe2e5d0543b4c8769e401ec216d78a5a3547dfd426fd47e097.gz
Resource
win7-20231129-en
Behavioral task
behavioral12
Sample
fe2e5d0543b4c8769e401ec216d78a5a3547dfd426fd47e097df04a5f7d6d206_OFkNP1kKL9.rtf
Resource
win7-20240221-en
Behavioral task
behavioral13
Sample
Documents/Ransomware.Petrwrap/Ransomware.Petrwrap/myguy.hta
Resource
win7-20240508-en
Behavioral task
behavioral14
Sample
Documents/Ransomware.Petrwrap/Ransomware.Petrwrap/svchost.exe
Resource
win7-20240611-en
Behavioral task
behavioral15
Sample
Documents/Ransomware.Petya/Ransomware.Petya/26b4699a7b9eeb16e76305d843d4ab05e94d43f3201436927e13b3ebafa90739.exe
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
Documents/Ransomware.Petya/Ransomware.Petya/4c1dc737915d76b7ce579abddaba74ead6fdb5b519a1ea45308b8c49b950655c.exe
Resource
win7-20240220-en
Behavioral task
behavioral17
Sample
Documents/Ransomware.Radamant/Ransomware.Radamant/DUMP_00A10000-00A1D000.exe
Resource
win7-20240419-en
Behavioral task
behavioral18
Sample
out.exe
Resource
win7-20240611-en
Behavioral task
behavioral19
Sample
Documents/Ransomware.Radamant/Ransomware.Radamant/Supplementary Agreement 26_01_2016.zip
Resource
win7-20240508-en
Behavioral task
behavioral20
Sample
Supplementary Agreement 26_01_2016.scr
Resource
win7-20240611-en
Behavioral task
behavioral21
Sample
Documents/Ransomware.Rex/WTEpZSFwgb
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
Documents/Ransomware.Satana/Ransomware.Satana/683a09da219918258c58a7f61f7dc4161a3a7a377cf82a31b840baabfb9a4a96.exe
Resource
win7-20240508-en
Behavioral task
behavioral23
Sample
Documents/Ransomware.Satana/Ransomware.Satana/unpacked.exe
Resource
win7-20240611-en
Behavioral task
behavioral24
Sample
Documents/Ransomware.TeslaCrypt/Ransomware.TeslaCrypt/3372c1edab46837f1e973164fa2d726c5c5e17bcb888828ccd7c4dfcc234a370.exe
Resource
win7-20240508-en
Behavioral task
behavioral25
Sample
Documents/Ransomware.TeslaCrypt/Ransomware.TeslaCrypt/51B4EF5DC9D26B7A26E214CEE90598631E2EAA67.exe
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
Documents/Ransomware.TeslaCrypt/Ransomware.TeslaCrypt/E906FA3D51E86A61741B3499145A114E9BFB7C56.exe
Resource
win7-20231129-en
Behavioral task
behavioral27
Sample
Documents/Ransomware.Vipasana/Ransomware.Vipasana/0442cfabb3212644c4b894a7e4a7e84c00fd23489cc4f96490f9988e6074b6ab.exe
Resource
win7-20240220-en
Behavioral task
behavioral28
Sample
Documents/Ransomware.Vipasana/Ransomware.Vipasana/c0cf40b8830d666a24bdd4febdc162e95aa30ed968fa3675e26ad97b2e88e03a.exe
Resource
win7-20240419-en
Behavioral task
behavioral29
Sample
Documents/Ransomware.Vipasana/Ransomware.Vipasana/e49778d20a2f9b1f8b00ddd24b6bcee81af381ed02cfe0a3c9ab3111cda5f573.exe
Resource
win7-20240611-en
Behavioral task
behavioral30
Sample
Documents/Ransomware.WannaCry/Ransomware.WannaCry.zip
Resource
win7-20240508-en
Behavioral task
behavioral31
Sample
ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
Resource
win7-20240611-en
Behavioral task
behavioral32
Sample
Documents/Ransomware.WannaCry/ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
Resource
win7-20240508-en
General
-
Target
out.exe
-
Size
51KB
-
MD5
8f681b52fcfe200d14c81d297a323cf7
-
SHA1
1375d3c3cb1d2ea8d6f80a2cfe11107d80ad9a34
-
SHA256
a1c1164f6b43a3592a98b29adc045f9ca37ec0624eb2f2c027bfffe24a4915d1
-
SHA512
88f936cfc95833017fefa7a342cb9b41ae7ea2e7123f7e8bb4192db53b0b48998421176132a4ead98fbb25d31d0f1ee8e0f7995d14e94ab3e094d4dcceb7ad36
-
SSDEEP
768:uElAvOs4CTfOgGYdlNGCizSHdq12UMx9s6zAKSXwa/2e:ZlafjVsrODKpKSXN
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target 1720 2208 WerFault.exe 27 -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 2208 wrote to memory of 1720 2208 out.exe 28 PID 2208 wrote to memory of 1720 2208 out.exe 28 PID 2208 wrote to memory of 1720 2208 out.exe 28 PID 2208 wrote to memory of 1720 2208 out.exe 28