Overview

overview

9

Static

static

3

dfe0a81c0e...e1.exe

windows7-x64

9

dfe0a81c0e...e1.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dfe0a81c0e35282240220715adf38ef46ead64fe0e42897a29b814d2d84ad9e1

  • Size

    102KB

  • Sample

    240727-ffbces1fle

  • MD5

    157f9e125521e8b2993852f7d808a00f

  • SHA1

    257ac8361d4c44d2a7e6dfcbe1f496d37e1e22fe

  • SHA256

    dfe0a81c0e35282240220715adf38ef46ead64fe0e42897a29b814d2d84ad9e1

  • SHA512

    1b47c3874c63cb4ed5135a76473259421ffd34214c3feb1b88148c78e708d9f139c8c84219eb9466b00ba6a9ce2eab20d6e5a02e95a2d750d9dd9b33d060b2b0

  • SSDEEP

    3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf7fz:RqKvb0CYJ973e+eKZOf7fz

Score
9/10
discoveryransomware

Malware Config

Targets

    • Target

      dfe0a81c0e35282240220715adf38ef46ead64fe0e42897a29b814d2d84ad9e1

    • Size

      102KB

    • MD5

      157f9e125521e8b2993852f7d808a00f

    • SHA1

      257ac8361d4c44d2a7e6dfcbe1f496d37e1e22fe

    • SHA256

      dfe0a81c0e35282240220715adf38ef46ead64fe0e42897a29b814d2d84ad9e1

    • SHA512

      1b47c3874c63cb4ed5135a76473259421ffd34214c3feb1b88148c78e708d9f139c8c84219eb9466b00ba6a9ce2eab20d6e5a02e95a2d750d9dd9b33d060b2b0

    • SSDEEP

      3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf7fz:RqKvb0CYJ973e+eKZOf7fz

    Score
    9/10
    discoveryransomware

    • Renames multiple (1338) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks