Analysis

  • max time kernel
    149s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    05-08-2024 18:53

General

  • Target

    15483cc9eb89a9309b1a032884d70113b75d900feefa49a3b0655c8ae94b694f.exe

  • Size

    56KB

  • MD5

    9c1f3e505245a7e736923298680196f6

  • SHA1

    cb92957065c6e98c0372429d0ccfa51deedfc7f3

  • SHA256

    15483cc9eb89a9309b1a032884d70113b75d900feefa49a3b0655c8ae94b694f

  • SHA512

    bbac10d1fc72b25ebe4d2486b4437f57b82fdd3dba515ff4a6ee0b2a49b0025ef7ba4554425d73ab1b4bed463f2740c6aac2fe94da7ded696bc8267355f98df8

  • SSDEEP

    768:W7BlprpARFbhJ68nNIreUYEreUYX1na+3mC+3m5:W7ZrpApJ68nNIreUvreUunT

Score
9/10

Malware Config

Signatures

  • Renames multiple (1025) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops file in Program Files directory (64 IoCs)
  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\15483cc9eb89a9309b1a032884d70113b75d900feefa49a3b0655c8ae94b694f.exe
    "C:\Users\Admin\AppData\Local\Temp\15483cc9eb89a9309b1a032884d70113b75d900feefa49a3b0655c8ae94b694f.exe"
    1⤵
    • Drops file in Program Files directory
    • System Location Discovery: System Language Discovery
    PID:1944

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\$Recycle.Bin\S-1-5-21-2212144002-1172735686-1556890956-1000\desktop.ini.tmp

    Filesize

    57KB

    MD5

    4bf9130c08cbb3afd0e87a1ba6aa61db

    SHA1

    d0c42835ded53322910faf469bed9ceaa68a3b4a

    SHA256

    025cd31f2931f3ad83d5150dbd378acf315cb86ebe7849f368693360681382a1

    SHA512

    eeaa37bb1be26b4fe3fb5ee67050745085170090d4cc016d736638f847bebbb268a0a8c7e858439cc570c70c4a88a2039c79e145cd96b69d76a21b57b6ab568c

  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

    Filesize

    66KB

    MD5

    38ebfba007db4ffda0c071d8e300351a

    SHA1

    2d90f0be119a21908a1f7edac4c428b8f0ff8372

    SHA256

    a014fb6b59ebfa522525cbe44ce66dc852b592003df9bf19829bc36e92bc6948

    SHA512

    d49139ff189edcfb8135de326b6aa6a43aeeeb47610027dc7d6b96170e69957ae390903b0f407c2e9ffb6f1ac35d30957cc48c0e3dc531edbe9bfbd4d10e608c