Overview

overview

9

Static

static

3

f5cc66d3aa...0N.exe

windows7-x64

9

f5cc66d3aa...0N.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    120s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    21/07/2024, 17:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f5cc66d3aab8e7b7e69dfb0f8a7f8d60N.exe

  • Size

    203KB

  • MD5

    f5cc66d3aab8e7b7e69dfb0f8a7f8d60

  • SHA1

    4f67513157cb66c1f162e36ad93e819f498d7911

  • SHA256

    d62bdb9ed728f66ffa96be17b2fe8de799f9c9ddb6315f0edcba6191cd820b03

  • SHA512

    fbbffb06ca2bb835677c5b545959a23e37a1e9a7ccfc2524c6a665bb5c896dcdb575090a3d1e046a20d6a53d7ecfa3b000c2c96b1e0b77e338fd167baecf2c91

  • SSDEEP

    768:W7BlphA7pARFbhKKVeIuKVeIaCgx+qsaCgx+qs9lRlCNE6:W7ZhA7pApaX0aX09rsE6

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (2592) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f5cc66d3aab8e7b7e69dfb0f8a7f8d60N.exe
    "C:\Users\Admin\AppData\Local\Temp\f5cc66d3aab8e7b7e69dfb0f8a7f8d60N.exe"
    1⤵
    • Drops file in Program Files directory
    PID:1496

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-2172136094-3310281978-782691160-1000\desktop.ini.tmp
    Filesize

    203KB

    MD5

    9040beb7d616fe5a52fc02e3dfb576f8

    SHA1

    0086223c211f8556b65d87b4bff82d8e42786c3d

    SHA256

    7481bdb12e281f670bbc263c7d0ab83ac8a062ecc0b8ac2c2f76da57483445ce

    SHA512

    c66a03f770b6cb12b9202e5e153ea84a7407ae9137c579c3f919834436fbe375e014d86ce75254067aafd151f336c635a7061a13f740be7b2a164cfd558346ef

    Download Submit

  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
    Filesize

    212KB

    MD5

    2e7e182598444596d8806289cc54a9d7

    SHA1

    1be8031be79ffd8954499ca7cfa7b8602cbb301a

    SHA256

    64affd3d1f1f412be20d149cd9c0dcbc2bb26e074c14d5d4ac8c60e712f7abaa

    SHA512

    3caac328e8a89b76e78bdfcb29d2fc7498f6aa5af74588878bd6a1a465f022fb0842558b28d3018cee1cebee518d535662bb93d38fddd78ce0179af85ef821bb

    Download Submit