Overview

overview

10

Static

static

10

096bb2bde6...8f.exe

windows10-2004-x64

10

2decc47201...a2.exe

windows10-2004-x64

10

44f28cd6ea...7e.exe

windows10-2004-x64

1

82ad518318...3a.exe

windows10-2004-x64

9

92c50cd253...b9.exe

windows10-2004-x64

6

a58b5f2e81...39.exe

windows10-2004-x64

10

c531015ec0...86.exe

windows10-2004-x64

8

ca8b0ebbb3...0e.exe

windows10-2004-x64

9

d8fd9ad2f3...3b.exe

windows10-2004-x64

10

f241f35bb0...e5.exe

windows10-2004-x64

7

$APPDATA/c...56.dll

windows10-2004-x64

1

$APPDATA/c...om.dll

windows10-2004-x64

1

$APPDATA/c...er.dll

windows10-2004-x64

1

$APPDATA/c...or.dll

windows10-2004-x64

1

$APPDATA/c...es.dll

windows10-2004-x64

1

$APPDATA/c...ib.dll

windows10-2004-x64

1

$APPDATA/cl/_ssl.dll

windows10-2004-x64

1

$APPDATA/cl/bz2.dll

windows10-2004-x64

1

$APPDATA/cl/cl.exe

windows10-2004-x64

1

$APPDATA/cl/mklnk.cmd

windows10-2004-x64

3

$APPDATA/c...at.dll

windows10-2004-x64

1

$APPDATA/c...27.dll

windows10-2004-x64

3

$APPDATA/c...27.dll

windows10-2004-x64

3

$APPDATA/c...ve.cmd

windows10-2004-x64

1

$APPDATA/c...ct.dll

windows10-2004-x64

1

$APPDATA/cl/ui.exe

windows10-2004-x64

3

$APPDATA/c...ta.dll

windows10-2004-x64

1

$APPDATA/c...pi.dll

windows10-2004-x64

1

$APPDATA/c...dh.dll

windows10-2004-x64

1

$APPDATA/c...pe.dll

windows10-2004-x64

1

$APPDATA/c...et.dll

windows10-2004-x64

1

$PLUGINSDIR/INetC.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    467s
  • max time network
    436s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-07-2024 15:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ca8b0ebbb30f371219c2ae79cdc0bd1dd3114cdf27821e71cfbcc11f9daca30e.exe

  • Size

    1.0MB

  • MD5

    1833aaec4050f44cb067e7583e159e92

  • SHA1

    bcb22c5894c3a42a8e5eac9aa18a79a5a252f083

  • SHA256

    ca8b0ebbb30f371219c2ae79cdc0bd1dd3114cdf27821e71cfbcc11f9daca30e

  • SHA512

    1e05ba9e70d27559182ab8f397ace2070bfdb69c7d6aa0cefee5e24d19900affd1458df2378328e33c0874137d1d75add6151e2eb7d2a8f4613c197114e3018b

  • SSDEEP

    24576:F2RUdHDi0HYsrGiqne6NOV7SjH/fMe4X1VNeum4op0Isl:F2RWv2NNADBenjsl

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (111) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

Processes

  • C:\Users\Admin\AppData\Local\Temp\ca8b0ebbb30f371219c2ae79cdc0bd1dd3114cdf27821e71cfbcc11f9daca30e.exe
    "C:\Users\Admin\AppData\Local\Temp\ca8b0ebbb30f371219c2ae79cdc0bd1dd3114cdf27821e71cfbcc11f9daca30e.exe"
    1⤵
      PID:4088

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4088-0-0x0000000074E1E000-0x0000000074E1F000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4088-1-0x0000000000390000-0x00000000004A2000-memory.dmp

      Filesize

      1.1MB

      Download

    • memory/4088-2-0x00000000053E0000-0x0000000005984000-memory.dmp

      Filesize

      5.6MB

      Download

    • memory/4088-3-0x0000000004ED0000-0x0000000004F62000-memory.dmp

      Filesize

      584KB

      Download

    • memory/4088-4-0x0000000004EB0000-0x0000000004EBA000-memory.dmp

      Filesize

      40KB

      Download

    • memory/4088-5-0x0000000074E10000-0x00000000755C0000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/4088-171-0x0000000074E1E000-0x0000000074E1F000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4088-172-0x0000000074E10000-0x00000000755C0000-memory.dmp

      Filesize

      7.7MB

      Download