General

  • Target

    9d85b19303923a3d5178b886b5c8b16eed7b68fe0ccd693a1bf66a966b9d568f

  • Size

    136KB

  • Sample

    240710-crpsea1cpp

  • MD5

    a44c99519bf3854d39dbe925e6608014

  • SHA1

    700f9133fbca6d6d3a52a7f3abb3d19c11df5471

  • SHA256

    9d85b19303923a3d5178b886b5c8b16eed7b68fe0ccd693a1bf66a966b9d568f

  • SHA512

    062551aec10fc1eaca0de28d8b549316f41cf6ed141e481e2535959ecefcb47cca954c8e171c97954d5a7c4db0c67192f136d18dfeb589ad558bdc66c576022c

  • SSDEEP

    1536:W7ZNLpApCZuvIYXmdtd3gIgr657ZNLpApCZuvIYXmdtd3gIgr6U:6NLWpCZLYoNLWpCZLYX

Score
9/10

Targets

    • Target

      9d85b19303923a3d5178b886b5c8b16eed7b68fe0ccd693a1bf66a966b9d568f

    • Renames multiple (4797) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
