Overview

overview

10

Static

static

7

BitchTits ...P].exe

windows7-x64

7

WannaFartCry.exe

windows7-x64

3

Wannashiturself.exe

windows7-x64

10

big FAT ti...RE.exe

windows7-x64

10

big fat se...re.exe

windows7-x64

1

bitch man ...re.exe

windows7-x64

8

bro what t...at.dll

windows7-x64

7

cocksucker...L].exe

windows7-x64

7

fart poopy...re.exe

windows7-x64

7

fart weewe...re.exe

windows7-x64

10

farting po...re.exe

windows7-x64

10

farty poo ...re.exe

windows7-x64

10

fuck you.exe

windows7-x64

7

large peni...24.exe

windows7-x64

niggaware ...29.exe

windows7-x64

10

pee poo pi...re.exe

windows7-x64

10

retard ransomware.exe

windows7-x64

1

Analysis

  • max time kernel
    1800s
  • max time network
    1443s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    20/07/2024, 14:23 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    pee poo piss piss ransomware rare.exe

  • Size

    418KB

  • MD5

    afe081816b33e7d8bdff7f7291fa3718

  • SHA1

    b05d2d80f846e95d70463b3096e7412575c5ce54

  • SHA256

    acee7b1fe33cae78353a100855e4da887599a504833f47c185373ed079529374

  • SHA512

    91604a604d3acccddbbec61854bba80756aea78341c098a66982a4c4c6c0ac3bdf09132b527caaaedceedb4f70539c6df7cc2dd7f029bb1ccb0695c535397c72

  • SSDEEP

    12288:I8y5iDtzoYgveS30QRuWlG9GDnH+9XUmwP:IDcCvegHEymw

Score
10/10
persistence

Malware Config

Signatures

  • Modifies WinLogon for persistence 2 TTPs 2 IoCs
    persistence
  • Drops file in System32 directory 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\pee poo piss piss ransomware rare.exe
    "C:\Users\Admin\AppData\Local\Temp\pee poo piss piss ransomware rare.exe"
    1⤵
    • Modifies WinLogon for persistence
    • Drops file in System32 directory
    • Suspicious behavior: EnumeratesProcesses
    PID:1740
  • C:\Windows\explorer.exe
    explorer.exe
    1⤵
      PID:2452

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1740-0-0x0000000000220000-0x0000000000221000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1740-3-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    • memory/1740-4-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    • memory/1740-5-0x0000000000220000-0x0000000000221000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1740-6-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    • memory/1740-9-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    • memory/1740-14-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    • memory/1740-15-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    • memory/1740-22-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    • memory/1740-25-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    • memory/1740-28-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    • memory/1740-30-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    • memory/1740-49-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    • memory/1740-50-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    • memory/1740-51-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    • memory/1740-55-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    • memory/1740-59-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    • memory/1740-62-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    • memory/1740-65-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    • memory/1740-66-0x0000000000400000-0x000000000046F000-memory.dmp

      Filesize

      444KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.