Overview

overview

9

Static

static

3

6f66bc1fcc...af.exe

windows7-x64

9

6f66bc1fcc...af.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-07-2024 22:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6f66bc1fcc93c3d7899d2b89378f214c31fc8743c86fa79da6f852576de26eaf.exe

  • Size

    39KB

  • MD5

    03539004a044ccdf97e83861086dbfc6

  • SHA1

    bc40d2872f720468f92a884b2cdc85cb739245d4

  • SHA256

    6f66bc1fcc93c3d7899d2b89378f214c31fc8743c86fa79da6f852576de26eaf

  • SHA512

    6e9b4c17e51ee20934314066f85cf44fce7b9f6226bfb178ed0de695d805072961ec8340ed6ba70fcfe3955dee5d8701c3dedbb78da6c28a077f679625ce3520

  • SSDEEP

    768:/7BlpQpARFbhn54fmiy+3BVr54fmiy+3BVF:/7ZQpApmiF

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (5352) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6f66bc1fcc93c3d7899d2b89378f214c31fc8743c86fa79da6f852576de26eaf.exe
    "C:\Users\Admin\AppData\Local\Temp\6f66bc1fcc93c3d7899d2b89378f214c31fc8743c86fa79da6f852576de26eaf.exe"
    1⤵
    • Drops file in Program Files directory
    PID:4248

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-771719357-2485960699-3367710044-1000\desktop.ini.tmp
    Filesize

    39KB

    MD5

    efcd9fa2d4e11d07ff5564cc3c32e33a

    SHA1

    a129c6488ec3ada998171b65fb649e5fe6af77cb

    SHA256

    b0574846bed0ee9902e85e1caa73f1c70600d13cd536ba28133f300aac5d0dde

    SHA512

    92e9b9d83d08bbca8a04477d383dfcfd82c61c789b274fb3570a977f893d5834ff59692ae870e47f0520e4ad60d0e424c422d35d8011ac6a7626b11823bef86d

    Download Submit

  • C:\Program Files\7-Zip\7-zip.dll.tmp
    Filesize

    138KB

    MD5

    1725dab4ed245f11bb91e23e8898f2e3

    SHA1

    2c1a04dfb52b1869ab39235d0d1726348d101b96

    SHA256

    f963d31ce5b456673ebe797731f6f32e66527066ec2d1beae10aaaaa1bced24b

    SHA512

    0551cdbfea8a15fa952dfb4daaff205a0a6d349f69976bb3f23e2e5377e256643c7e875841a188435fa29ea4852f2c943a84f06edbb4ed38c868015b96f7f913

    Download Submit

  • memory/4248-0-0x0000000000400000-0x0000000000408000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4248-1986-0x0000000000400000-0x0000000000408000-memory.dmp

    Filesize

    32KB

    Download