Overview

overview

9

Static

static

3

97ad2fb4ae...19.exe

windows7-x64

9

97ad2fb4ae...19.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    97ad2fb4ae3d41f4eae0cbc1911d484c18807ea009740b4dc65bfb66c04ea519

  • Size

    38KB

  • Sample

    240727-bf16mazcma

  • MD5

    c6450dc1a27cfdb716e612a30dcf2dbf

  • SHA1

    88d1083df16cc3ab43f687791c5da2a503238013

  • SHA256

    97ad2fb4ae3d41f4eae0cbc1911d484c18807ea009740b4dc65bfb66c04ea519

  • SHA512

    574f3261e64271fb9299b1283efb3bc5d8be1ce73ffe589bf8b3fdaae703254eb5b2ab5e57162d70b55d809bddef3fa9ed4bf21fb6431e1b68df7e6486ff72e2

  • SSDEEP

    768:W7BlpppARFbhjbhQYjYY4F2j3TK54F2j3TKtnv:W7ZppApB1W5WZ

Score
9/10
discoveryransomware

Malware Config

Targets

    • Target

      97ad2fb4ae3d41f4eae0cbc1911d484c18807ea009740b4dc65bfb66c04ea519

    • Size

      38KB

    • MD5

      c6450dc1a27cfdb716e612a30dcf2dbf

    • SHA1

      88d1083df16cc3ab43f687791c5da2a503238013

    • SHA256

      97ad2fb4ae3d41f4eae0cbc1911d484c18807ea009740b4dc65bfb66c04ea519

    • SHA512

      574f3261e64271fb9299b1283efb3bc5d8be1ce73ffe589bf8b3fdaae703254eb5b2ab5e57162d70b55d809bddef3fa9ed4bf21fb6431e1b68df7e6486ff72e2

    • SSDEEP

      768:W7BlpppARFbhjbhQYjYY4F2j3TK54F2j3TKtnv:W7ZppApB1W5WZ

    Score
    9/10
    discoveryransomware

    • Renames multiple (447) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks