Overview

overview

9

Static

static

3

58318a0ce9...0N.exe

windows7-x64

9

58318a0ce9...0N.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    120s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    21/07/2024, 03:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    58318a0ce95b1f2d34164e17b5f6d2e0N.exe

  • Size

    41KB

  • MD5

    58318a0ce95b1f2d34164e17b5f6d2e0

  • SHA1

    8a0bac09ff7bb4a14ce5c2b49901ab1a337ea739

  • SHA256

    57217d3cfe415a3fa8bac6481669c6ca50958bacc29bdc65e1c74a370cba1128

  • SHA512

    38aabc5817c412f0aaa914843c9ef7dd50b4dec8c87407bd791b545443f5c3b4e62d03436f47c896992cd603ad0d2c287466b6d26a9b828646bbc50d2b17b199

  • SSDEEP

    768:W7BlphA7pARFbhOm0CAbLg++PJHJzIWD+6/huEQhuE/:W7ZhA7pApH1++PJHJX18EQ8E/

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (3149) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\58318a0ce95b1f2d34164e17b5f6d2e0N.exe
    "C:\Users\Admin\AppData\Local\Temp\58318a0ce95b1f2d34164e17b5f6d2e0N.exe"
    1⤵
    • Drops file in Program Files directory
    PID:484

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-3502430532-24693940-2469786940-1000\desktop.ini.tmp
    Filesize

    42KB

    MD5

    91083f1b6d166913c5d11d7c4ae6d31e

    SHA1

    75b3ba7ea8a7fc537fcef68566ef7c6b2dcb7067

    SHA256

    77fcc72c2f8d837704d8450808ead2e6bb422823428ffbbeaee2f383a1b0597e

    SHA512

    82a73f6f000bb1b61cb10ca3b2f776e252a3ac50b4a86bf212fdb1fb46ad6f30d69b1e02cfaa2f7b6df2bd61c57c6e872ade1c05a32f62df43d31e446266b989

    Download Submit

  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
    Filesize

    51KB

    MD5

    3adb99623b252f6c7a1935a5a0f68207

    SHA1

    e784a8268f3773715145525dd6ec176d82e4bc57

    SHA256

    137dda05dc35f34df23c9f2817fc6ae3481b007cd767fad081f045f6ffe31c7e

    SHA512

    0af29990d40e1bd42099609a3138135205cac7da949601bcc5de76cc0e10739b13385f70a8e35b4287a273ac13d1417e148ed1abc71ed8199f250e4ceee0e95b

    Download Submit