General

  • Target

    5542f6e9b3f7bf1744526a481a9eff18423b7d97de755c4cd42983ea2d2b9575

  • Size

    133KB

  • Sample

    240706-1p3hgstfnm

  • MD5

    eb743e0f5d5b50267c9fe4ba5f1d2a47

  • SHA1

    84ae056fe2a65a8a4740e264c03a107c08eeed19

  • SHA256

    5542f6e9b3f7bf1744526a481a9eff18423b7d97de755c4cd42983ea2d2b9575

  • SHA512

    088976188379d3ec6a81f748edef41d934ed3dd749c3d868c33333392a56abad508692028622d565e4dcfd4b577647cd0a96bd7c754321871f6da4c85c5698f0

  • SSDEEP

    1536:W7Z+pApfGQ3y3RWvfmRfm9sKsSd5m7Z+pApfGQ3y3RWvfmRfm9sKsSd5Ux9i:6+WpDfmRfmh6+WpDfmRfmhExE

Score
9/10

Targets

    • Renames multiple (4562) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
