Resubmissions

25/07/2024, 14:12

240725-rh7dessgkl 10

07/07/2024, 09:11

240707-k5yaps1bpa 10

General

  • Target

    f741b66592c42e73af7adc46815cf6183765a2fb6a5f9f96cc75eaaf7dc15402

  • Size

    326KB

  • Sample

    240707-k5yaps1bpa

  • MD5

    f088b0524afae3a92f571c4cc390d064

  • SHA1

    4945a0a0f226aac22992e4960d1f764904c509d2

  • SHA256

    f741b66592c42e73af7adc46815cf6183765a2fb6a5f9f96cc75eaaf7dc15402

  • SHA512

    b41b13f7c3b8679371f1effbdb0f64e9466a549cda4116e058f18892e0883819fa797ac57c1eaad56db4f71dee39fa3ff107d12d656c40005813b1621820057e

  • SSDEEP

    6144:QXqpIW/yoztkBUPeuLWzWDj4IByRuE3AzJNxRbIIJE:qq2W/7RkB6qGKuE6NxBIIJE

Score
10/10

Targets

    Score
    10/10
    • PLAY Ransomware, PlayCrypt

      Ransomware family first seen in mid-2022.

    • Renames multiple (86) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
