General

  • Target

    3449cb5db133441cec7d6af3a910c920N.exe

  • Size

    83KB

  • Sample

    240713-c62erascjn

  • MD5

    3449cb5db133441cec7d6af3a910c920

  • SHA1

    71bdbbac4593a8307cb482d1ae1d48992b16dc23

  • SHA256

    1cd2479c2797673dbc3cf46d866bd723d86d36edac3e747f5e00f5adbb458364

  • SHA512

    6b3bab222e49661b8aaf0d9189cb546f209e96ecef69b171cb6bdebcd3d6e09a711724e4280da80998bf7013df8c19bd95a157b6f81cf52fd00e278f6ee3fd3a

  • SSDEEP

    1536:W7ZppApB7tlJ5OvtlJ5O57ZppApB7tlJ5OvtlJ5OD:6pWpB7tctQpWpB7tctE

Score
9/10

Targets

    • Target

      3449cb5db133441cec7d6af3a910c920N.exe

    • Renames multiple (4167) files with added filename extension

      This suggests ransomware activity, namely encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
