General

  • Target

    99368b347d3b694e80673c97cd28ada9a552eb3af8c0d5d3ec64d7da502a28e8

  • Size

    224KB

  • Sample

    240630-afz3wstcrj

  • MD5

    b37893cc2798e37665e3d62e4ea527cd

  • SHA1

    2d942e4b5ea3c336829a736201c3ece779c6fcb4

  • SHA256

    99368b347d3b694e80673c97cd28ada9a552eb3af8c0d5d3ec64d7da502a28e8

  • SHA512

    eb5c6851c110037e56e00399b3ec16f705887be30ff91671975a570033e435b03fd6f61a152c7854ec2cdeb5bd8b2184834768865b348823ebd8acef885bc8b9

  • SSDEEP

    3072:6DWp2R9vHpKmEGCLOwstyhZFChcssc56FUrgxvbSD4UQrO2ixMF:d29/pKvShcHUaZ

Score
9/10

Targets

    • Renames multiple (3433) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
