Overview

overview

9

Static

static

3

0799b55eea...21.exe

windows7-x64

9

0799b55eea...21.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    05/07/2024, 18:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0799b55eea0a810089ba411cb2f158e1bdefebbdeb8fc7cd18c555e732d83421.exe

  • Size

    43KB

  • MD5

    5dfc959c524fd601c9d08d62722d1a2d

  • SHA1

    c6f2b20a672b7b3733c15506571c51ceb948f60a

  • SHA256

    0799b55eea0a810089ba411cb2f158e1bdefebbdeb8fc7cd18c555e732d83421

  • SHA512

    00e84d0034a96d3dabaa53ec112a374217e4d4a59e143affd61c46e5b08ad8699b8bc17a14ba1ffc68195d00eb88ffc3ea7a14ab5e97e13b0ce34d7e717d35a0

  • SSDEEP

    192:tACUADIY0Br5xjL/FAgAQmP1oynLb22vuN6GnN6GATQ1nrvjjs2jjsX:GBt7Br5xjL9AgA71FbhvuNBN2TQ1nrQ

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (3782) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0799b55eea0a810089ba411cb2f158e1bdefebbdeb8fc7cd18c555e732d83421.exe
    "C:\Users\Admin\AppData\Local\Temp\0799b55eea0a810089ba411cb2f158e1bdefebbdeb8fc7cd18c555e732d83421.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2368

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-2660163958-4080398480-1122754539-1000\desktop.ini.tmp
    Filesize

    43KB

    MD5

    a2af0c2dfef1b28e55aec4056140d3df

    SHA1

    1452068c33483f964bba22d8b32c24c9626aa3d5

    SHA256

    ba888fbb51930ca28bde8d6cea96d1a9c500e3ed9ad2e150562e527b08af2583

    SHA512

    29d89da6aefb152b238d272116b602c88ec69794834233d562f1d723719a4d8bed651f0c8af864f724e5109542955c7b9b682a04c14b227872e5f88c2bea25b0

    Download Submit

  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
    Filesize

    52KB

    MD5

    b82584a81c5147f86aea9ae7050a54f7

    SHA1

    e110eb2b896b0ee057347b1d39e6a04bdf05a5f7

    SHA256

    97a47547a8cee923769e6a01310aa097334180e7887552036463afba0b3d125a

    SHA512

    13de514f793dd4d3204bb9c20927f3d622fad6fe0995e2d3c2679fb0f25add46d678ed229bd92791b2746ff7e54db15ecd3dad1c77e9fdd2571f79e9c37d8013

    Download Submit