Overview

overview

10

Static

static

10

2024-08-15...de.exe

windows7-x64

9

2024-08-15...de.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-08-15_0c7e0266af636fd730890fcdaa0d4f13_darkside

  • Size

    145KB

  • Sample

    240815-fb8r5avfng

  • MD5

    0c7e0266af636fd730890fcdaa0d4f13

  • SHA1

    831c3169028173d1915c399a65a05fda8a65901b

  • SHA256

    7ce00239cfd50516eae50dc385def3841e1c85974ea332e649fe5dc10f4ecf52

  • SHA512

    3d1983e3697450729b4aa0a9324d8ce57823ed10d7a58699b181c2f8069557132c01069ef8a2fc813c3002d8c2b204b0f2881673fbb3f9bea6109a50c3b9536c

  • SSDEEP

    1536:PzICS4AAwczUUf8y8gvMH+1zGSNAojMP95D1xDwjRuGmBk5c7vyK9o8tJ3O1qQ8M:wqJogYkcSNm9V7DbGSJtJ3OYsFT

Score
10/10
lockbitdiscoveryransomwarespywarestealer

Malware Config

Targets

    • Target

      2024-08-15_0c7e0266af636fd730890fcdaa0d4f13_darkside

    • Size

      145KB

    • MD5

      0c7e0266af636fd730890fcdaa0d4f13

    • SHA1

      831c3169028173d1915c399a65a05fda8a65901b

    • SHA256

      7ce00239cfd50516eae50dc385def3841e1c85974ea332e649fe5dc10f4ecf52

    • SHA512

      3d1983e3697450729b4aa0a9324d8ce57823ed10d7a58699b181c2f8069557132c01069ef8a2fc813c3002d8c2b204b0f2881673fbb3f9bea6109a50c3b9536c

    • SSDEEP

      1536:PzICS4AAwczUUf8y8gvMH+1zGSNAojMP95D1xDwjRuGmBk5c7vyK9o8tJ3O1qQ8M:wqJogYkcSNm9V7DbGSJtJ3OYsFT

    Score
    9/10
    discoveryransomwarespywarestealer

    • Renames multiple (366) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks