Analysis

  • max time kernel
    119s
  • max time network
    117s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    19-07-2024 12:50

General

  • Target

    984313da138671e48cc6e66c1a217350N.exe

  • Size

    41KB

  • MD5

    984313da138671e48cc6e66c1a217350

  • SHA1

    a8e58ae21c645fcfdf9a566fa4cba7032f4c7abf

  • SHA256

    49b9a08be4550540b3270f5e33c2c7c2c1b82cefbdb4ce5f5a1cc3a33805510e

  • SHA512

    043ec77706e8efce8c30222d929cf22a956b7c01f593f385f03ad705620216e6939d98683591178a1b3431fa7707de6727a512321a15c4406e8d4fa84959a5f0

  • SSDEEP

    768:W7BlpppARFbhjbhg42LcfpR42LcfpVF/MF/3Nw/Nwk03CnCn:W7ZppApBULcfpHLcfpX2/Nw/NwNus

Score
9/10

Malware Config

Signatures

  • Renames multiple (4653) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\984313da138671e48cc6e66c1a217350N.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\984313da138671e48cc6e66c1a217350N.exe"
    Process tree depth: 1
    • Drops file in Program Files directory
    PID: 3524

Network

MITRE ATT&CK Matrix

Downloads

  • C:\$Recycle.Bin\S-1-5-21-1176886754-713327781-2233697964-1000\desktop.ini.tmp

    Filesize

    42KB

    MD5

    8c260f4791ded8d294cd478605a7d390

    SHA1

    3bdb5835b43b94208f3d36e66f9cd1fe6ee9b855

    SHA256

    a2db333cde06147bb28920f96f7e0c2bccf36a6a801b19a08a08ad40b9f58895

    SHA512

    fa1b184fd980a30a7e11b286c3aced867ef6537fe86fcd55eb1aa0d316cc932858bea3516f8ece84f7418130e8cca656bbaa8577f6d75626ffb7f9434ff399d5

  • C:\Program Files\7-Zip\7-zip.dll.tmp

    Filesize

    140KB

    MD5

    025940fc03bd7a79ef2222d6e4ed929c

    SHA1

    8fe57b0cfa8a5485d0d5b1a98da5bb21200bccaf

    SHA256

    480ec2539cc35492b975fef28e8f281ba6cec1d5a03b594f3e95bf9dffb2d864

    SHA512

    b2aad5f9c5762f646d26d150951e64a705d70b58dd0ae7a0290d198dbc55a29893cdbae28f969be05cdb9a8d27bc9ceb7abaf9be48f1dc05b6a74ebd216fbc53