General

  • Target

    b4ec9be8e93dd3f6f48db661592ad6a96ffde8827a7a30362eec06232d9b8da5.7z

  • Size

    3.7MB

  • Sample

    240718-vzhm6ssaka

  • MD5

    592a65928518fa3230b06b6c0b39fab7

  • SHA1

    6ca3cc110f4e57e5aced197694d6ed3799a66f07

  • SHA256

    6d210bec7921edb5afe717e038328ad27f6955c5439db1092396aa40ae619c95

  • SHA512

    6d883856aa0f5587420a67931f8b40f911045c352f485a03f4f69b3def6207e7c462ab49ad6f66735085a8dd186bbf2b370e1dc489c4edadc580e98eba9a13e2

  • SSDEEP

    98304:AACFIubo1fuFhF/DXFJ3jCgdZ7jY+x/T0zhOIWBZ:AACN81fuFjrjn7nT0M9Z

Score
10/10

Targets

    • Target

      b4ec9be8e93dd3f6f48db661592ad6a96ffde8827a7a30362eec06232d9b8da5.exe

    • Size

      4.0MB

    • MD5

      627914078afb6e8601c91fc8552887bc

    • SHA1

      7e149639e304024e895b2ce7a35a1626abf084f2

    • SHA256

      b4ec9be8e93dd3f6f48db661592ad6a96ffde8827a7a30362eec06232d9b8da5

    • SHA512

      52dd6dcfc9d70c8d4fa47c589fc54d939277bcf2fc1989efb8830384b2bce2ebca4ad28c347e2339783f4c4d86edbade9c4a5d3487daa885310db5d7f61883b8

    • SSDEEP

      49152:o0C8/tCdsXPZzy5ljatKM4ct5BzvX0bkUF5SQ2CgAY2AMrwZP4rDGjM+osrJJ+X:XMs/ZWfJMp/dMbXbSHAnAMrwsGQ+NA

    Score
    9/10
    • Renames multiple (8234) files with added filename extension

      This suggests ransomware activity, i.e. encrypting all the files on the system.

    • Drops desktop.ini file(s)

    • Sets desktop wallpaper using registry
