2e21e367c90104bfaae3cbb9d4e56b202d6393614642fdbd546079b65cdd194c | Triage

Submit
Reports

Overview

overview

9

Static

static

3

d18b5235d9...0N.exe

windows7-x64

9

d18b5235d9...0N.exe

windows10-2004-x64

9

Sharing

General

Target

d18b5235d9ad8672aff700b5c9775830N.exe
Size

195KB
Sample

240715-ntynwaxdrd
MD5

d18b5235d9ad8672aff700b5c9775830
SHA1

fe4b6fa08579c60198450aa174849f17a5e4bea3
SHA256

2e21e367c90104bfaae3cbb9d4e56b202d6393614642fdbd546079b65cdd194c
SHA512

064e406b496c7ac5598cc25e283d2f21a46ba1b5795bf632f5698cde53ecd8c2b657e5036ae6a2371a01c8e55bb3b3d010f2f3a5919bd02085cef588919b419e
SSDEEP

6144:RqKvb0CYJ973e+eKZOf7fCqKvb0CYJ973e+eKZOf7fo:vvbxYX7ZRvbxYX7Zr

Score

9^/10

ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d18b5235d9ad8672aff700b5c9775830N.exe

Resource

win7-20240704-en

windows7-x64

6 signatures

120 seconds

Behavioral task

behavioral2

Sample

d18b5235d9ad8672aff700b5c9775830N.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

5 signatures

120 seconds

Malware Config

Targets

- Target
  
  d18b5235d9ad8672aff700b5c9775830N.exe
- Size
  
  195KB
- MD5
  
  d18b5235d9ad8672aff700b5c9775830
- SHA1
  
  fe4b6fa08579c60198450aa174849f17a5e4bea3
- SHA256
  
  2e21e367c90104bfaae3cbb9d4e56b202d6393614642fdbd546079b65cdd194c
- SHA512
  
  064e406b496c7ac5598cc25e283d2f21a46ba1b5795bf632f5698cde53ecd8c2b657e5036ae6a2371a01c8e55bb3b3d010f2f3a5919bd02085cef588919b419e
- SSDEEP
  
  6144:RqKvb0CYJ973e+eKZOf7fCqKvb0CYJ973e+eKZOf7fo:vvbxYX7ZRvbxYX7Zr
Score

9^/10

ransomware
- Renames multiple (266) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy