Overview

overview

9

Static

static

3

96a70b5ca5...59.exe

windows7-x64

9

96a70b5ca5...59.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    96a70b5ca5c99767eafa5fbf2d56a4f85f827826c4ef2bdde4b3ce9037703459

  • Size

    83KB

  • Sample

    240727-bdmv8azarh

  • MD5

    52ee2c4b2be4a581c295e5369994cc6a

  • SHA1

    b7217ddc6dd3b2ba6a8db527cdb477ed18a52513

  • SHA256

    96a70b5ca5c99767eafa5fbf2d56a4f85f827826c4ef2bdde4b3ce9037703459

  • SHA512

    6e172f17a1fe1399b64d132ca1d46eae07bbd92c1cf65b99b4efc23236683dbb8006277a567badb2594da94f149c249681456c4a14e14bf9d0f3bb0d2e6c903b

  • SSDEEP

    768:W7BlpDpARFbhYQkQjjIXYvPXzWPXzK3733uF4V7en5c5HChCrmhWfxRfx7wX:W7ZDpApYbWjIoPyPoLzV7c6ShWfxRfx0

Score
9/10
discoveryransomware

Malware Config

Targets

    • Target

      96a70b5ca5c99767eafa5fbf2d56a4f85f827826c4ef2bdde4b3ce9037703459

    • Size

      83KB

    • MD5

      52ee2c4b2be4a581c295e5369994cc6a

    • SHA1

      b7217ddc6dd3b2ba6a8db527cdb477ed18a52513

    • SHA256

      96a70b5ca5c99767eafa5fbf2d56a4f85f827826c4ef2bdde4b3ce9037703459

    • SHA512

      6e172f17a1fe1399b64d132ca1d46eae07bbd92c1cf65b99b4efc23236683dbb8006277a567badb2594da94f149c249681456c4a14e14bf9d0f3bb0d2e6c903b

    • SSDEEP

      768:W7BlpDpARFbhYQkQjjIXYvPXzWPXzK3733uF4V7en5c5HChCrmhWfxRfx7wX:W7ZDpApYbWjIoPyPoLzV7c6ShWfxRfx0

    Score
    9/10
    discoveryransomware

    • Renames multiple (488) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks