Overview

overview

9

Static

static

3

0799b55eea...21.exe

windows7-x64

9

0799b55eea...21.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/07/2024, 18:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0799b55eea0a810089ba411cb2f158e1bdefebbdeb8fc7cd18c555e732d83421.exe

  • Size

    43KB

  • MD5

    5dfc959c524fd601c9d08d62722d1a2d

  • SHA1

    c6f2b20a672b7b3733c15506571c51ceb948f60a

  • SHA256

    0799b55eea0a810089ba411cb2f158e1bdefebbdeb8fc7cd18c555e732d83421

  • SHA512

    00e84d0034a96d3dabaa53ec112a374217e4d4a59e143affd61c46e5b08ad8699b8bc17a14ba1ffc68195d00eb88ffc3ea7a14ab5e97e13b0ce34d7e717d35a0

  • SSDEEP

    192:tACUADIY0Br5xjL/FAgAQmP1oynLb22vuN6GnN6GATQ1nrvjjs2jjsX:GBt7Br5xjL9AgA71FbhvuNBN2TQ1nrQ

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (5292) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0799b55eea0a810089ba411cb2f158e1bdefebbdeb8fc7cd18c555e732d83421.exe
    "C:\Users\Admin\AppData\Local\Temp\0799b55eea0a810089ba411cb2f158e1bdefebbdeb8fc7cd18c555e732d83421.exe"
    1⤵
    • Drops file in Program Files directory
    PID:4508

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-587429654-1855694383-2268796072-1000\desktop.ini.tmp
    Filesize

    43KB

    MD5

    0a4d99383a2a4d6a3dff8a6e2364c877

    SHA1

    6f59b2f465f7433e4382a0aa18471c657f9644c4

    SHA256

    e088d4a04d276b53a5a015538006285a5c4c20cbe46cc66524013e2bb590a0c5

    SHA512

    4f5e18b90e8d59ba372178af8bd458c37a566708c080135f02a7a38cf07cf08e7de1cee86eeb977c285cc29db10d7010c5340f45e1a5e5e6b05a61b717a1c5a8

    Download Submit

  • C:\Program Files\7-Zip\7-zip.dll.tmp
    Filesize

    142KB

    MD5

    598088f1133d0f425b7a542c4d694e03

    SHA1

    c568846927980d71b6292d3a49b2b5f519e5e697

    SHA256

    689a6223b466a7bb4ca6b9a70f68685caf5ef2b0c12979bf4608115b6b83c7fc

    SHA512

    b669494f20ed9d5cb5a7657f7cb8f8afc4f4deb16c44f98a9428009fa671d05701c6108f449e68680378c069e0fdfa6884d7f970262d722bf35baa75fffe7ed0

    Download Submit