Analysis

  • max time kernel
    150s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    14/08/2024, 01:44

General

  • Target

    f52ac4331e2343b3003b293aaf04eed48a040463596e2e199b8ca98eb846c446.exe

  • Size

    81KB

  • MD5

    421af875c41fed11cc264990c43839fc

  • SHA1

    a50e48364b94bf4372287a33fc879985179b62c4

  • SHA256

    f52ac4331e2343b3003b293aaf04eed48a040463596e2e199b8ca98eb846c446

  • SHA512

    418f2646b858bfd972dfcc4746175dd61aabca7628bf3c7fb4ba842c6ed09147ce2013034b3662498a426f83461cb279b44df67e63a2bee811d0f5d48bf9d731

  • SSDEEP

    1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eTdsdYSYEP:6e7WpMaxeb0CYJ97lEYNR73e+eBSL

Score
9/10

Malware Config

Signatures

  • Renames multiple (3695) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops file in Program Files directory (64 IoCs)
  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\f52ac4331e2343b3003b293aaf04eed48a040463596e2e199b8ca98eb846c446.exe
    "C:\Users\Admin\AppData\Local\Temp\f52ac4331e2343b3003b293aaf04eed48a040463596e2e199b8ca98eb846c446.exe"
    • Drops file in Program Files directory
    • System Location Discovery: System Language Discovery
    PID:1052

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\$Recycle.Bin\S-1-5-21-2172136094-3310281978-782691160-1000\desktop.ini.tmp

          Filesize

          81KB

          MD5

          36649d3c93b2ba469035316e56806eca

          SHA1

          988aa405d1f4374a36d31f93deed4d8e5a0a4db9

          SHA256

          8f46772f5896df41e3cca2d38c3c70e44a1cebd3bbc13fe343db4b1f662dc034

          SHA512

          2e613a971b84dfe383c375c9e2e9b7b60c312abb72175edcfee429bbd3090e44a23a7530822c20def68c848a5fdcb4c67030b1be01d123bfcd55ae8e75314c65

        • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

          Filesize

          90KB

          MD5

          dd3dbf53bbf6d47a59b7dfeb1fcc6b09

          SHA1

          34bfa0c41e0c06b136a4e5ebcf3e47feb012dae3

          SHA256

          4ba26e816bb0e3df2e72164043578103002974f021da1e9a15f83d9c6830a96b

          SHA512

          8a792ee0f0914cd67700edc81142d604f014d35535e3651134fa1cc51d6a8cfe3a5d5825d1e14c1b8e9c80fd6507ea937509e909cd6e136b4fcfec6b53c0e6c4