Resubmissions

08-08-2024 11:42

240808-nt7xjswhle 10

27-07-2024 01:20

240727-bp25aazhmf 10

General

  • Target

    3f943430b49481aca6f57051ed0ced1a08038373f063afdd2423d8d72b19b545.exe

  • Size

    326KB

  • Sample

    240727-bp25aazhmf

  • MD5

    2639ec5825ff4ff231b5c50cd50b9514

  • SHA1

    9e13e135171f42bd466f26242b320763bbfcfba2

  • SHA256

    3f943430b49481aca6f57051ed0ced1a08038373f063afdd2423d8d72b19b545

  • SHA512

    207f3fa4577326df71c21a5b871b2e4778c6486ca4f289495b8b391314b2c9fc507c883615870c3cd8c1fe832918f06e375ce16d04f213048312e7d70a8d5dda

  • SSDEEP

    6144:PXqpsIPCYYNUBEP+abW67Dz4HFgnPOAzu0bD7P9YJJE:PqaIPbyUBWa5CPO0bPP9SJE

Malware Config

Targets

    • Target

      3f943430b49481aca6f57051ed0ced1a08038373f063afdd2423d8d72b19b545.exe

    • PLAY Ransomware, PlayCrypt

      Ransomware family first seen in mid-2022.

    • Renames multiple (3466) files with added filename extension

      A large run of renames that each append the same extension is consistent with ransomware encrypting the files on the system and marking each one as it goes.

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive, which is how ransomware finds additional volumes to encrypt.
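
The two behavioural signatures above (mass renames with an appended extension, and activity on drives other than C:) can be checked as one heuristic over a file-system trace. The block below is an added example written for this page, not code from the sandbox or from the report: the rename events, paths and the `.locked` extension are constructed stand-ins, and the trigger threshold is an assumed parameter rather than the sandbox's own cut-off.

```python
"""Rename-burst heuristic: flag a run of renames that each append one new extension.

Added example, not the sandbox's or the report's own code. All events are constructed.
"""
import ntpath
import re
from collections import Counter, defaultdict
from dataclasses import dataclass, field
from typing import Iterable, Optional, Set, Tuple

# Constructed (old_path, new_path) rename events standing in for a sandbox
# file-system trace. ".locked" is an arbitrary placeholder extension.
SAMPLE_EVENTS = [
    (r"C:\Users\alice\Documents\budget.xlsx", r"C:\Users\alice\Documents\budget.xlsx.locked"),
    (r"C:\Users\alice\Documents\notes.txt", r"C:\Users\alice\Documents\notes.txt.locked"),
    (r"C:\Users\alice\Pictures\holiday.jpg", r"C:\Users\alice\Pictures\holiday.jpg.locked"),
    (r"D:\Shares\finance\q3.pdf", r"D:\Shares\finance\q3.pdf.locked"),
    (r"D:\Shares\finance\q4.pdf", r"D:\Shares\finance\q4.pdf.locked"),
    # An ordinary rename (user saved a new version); must not count towards the pattern.
    (r"C:\Users\alice\Documents\report.docx", r"C:\Users\alice\Documents\report_final.docx"),
    (r"C:\Users\alice\Desktop\old.bak", r"C:\Users\alice\Desktop\old.bak.locked"),
]

# One appended extension: a dot followed by a short token, nothing else.
_EXT = re.compile(r"\.[A-Za-z0-9_-]{1,16}$")


def added_extension(old: str, new: str) -> Optional[str]:
    """Return the suffix if `new` is exactly `old` plus one appended extension, else None."""
    if not new.startswith(old):
        return None
    suffix = new[len(old):]
    return suffix if _EXT.fullmatch(suffix) else None


@dataclass
class RenameVerdict:
    renamed: int                      # distinct files given the dominant appended extension
    extension: Optional[str]          # the dominant appended extension, lower-cased
    drives: Set[str] = field(default_factory=set)  # drive letters touched by the pattern
    triggered: bool = False           # renamed >= threshold


def classify_renames(events: Iterable[Tuple[str, str]], threshold: int = 50) -> RenameVerdict:
    """Group appended-extension renames by extension and report the dominant one.

    `threshold` is an assumed parameter for this example, not a value from the report.
    """
    files_by_ext = defaultdict(set)
    drives_by_ext = defaultdict(set)
    for old, new in events:
        ext = added_extension(old, new)
        if ext is None:
            continue  # plain rename, not part of the mass-rename pattern
        key = ext.lower()
        files_by_ext[key].add(old.lower())
        drive, _ = ntpath.splitdrive(old)  # ntpath parses Windows paths on any host OS
        if drive:
            drives_by_ext[key].add(drive.upper())
    if not files_by_ext:
        return RenameVerdict(0, None)
    counts = Counter({ext: len(paths) for ext, paths in files_by_ext.items()})
    ext, renamed = counts.most_common(1)[0]
    return RenameVerdict(renamed, ext, drives_by_ext[ext], renamed >= threshold)


if __name__ == "__main__":
    verdict = classify_renames(SAMPLE_EVENTS, threshold=5)
    print(verdict)
```

Distinct old paths are counted rather than raw events so that a file renamed twice does not inflate the figure, and the drive set is kept separately so an analyst can see at a glance whether the pattern crossed onto a non-system volume, which is what the drive-enumeration signature points at.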

MITRE ATT&CK Enterprise v15

Tasks