General

  • Target

    cd214238cdd65795cc8e72c70f9dd03b725fe0178be45a17913150542a737ccd

  • Size

    184KB

  • Sample

    240704-ecc66svdla

  • MD5

    89a71ad3f3fa6f4bc0b02fa238a09aa2

  • SHA1

    3c48e6d5be4913c75c15c942c12c398f9cb89c5b

  • SHA256

    cd214238cdd65795cc8e72c70f9dd03b725fe0178be45a17913150542a737ccd

  • SHA512

    4c86b7b28fa308c10ed8b0f333ad250979b7787f91e2b0baa1f4580dc8f63897159a980fd9ebd95297e5536f0210e8583ad596ffea4d608cd5cc01571c5cda91

  • SSDEEP

    3072:69WpQEoTdc6e6kvNDck7Tdc6e6kvNDcksh/Ux79WpQEoTdc6e6kvNDck7Tdc6e6f:nSTdc6e6kvNDck7Tdc6e6kvNDckyUxwJ

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (3692) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
