General

  • Target

    3c63bcbfaaf8c63725fc4235ca549f9af3c13ffd0c75161cf709a2aea9536e57

  • Size

    81KB

  • Sample

    240817-zyrxnsxalf

  • MD5

    3f961c85b433981bd57050c20f8fdd1a

  • SHA1

    4dbff12a4e0a73c6342d0aa920ea9f20add031a6

  • SHA256

    3c63bcbfaaf8c63725fc4235ca549f9af3c13ffd0c75161cf709a2aea9536e57

  • SHA512

    8f275b266e86817f4b31c6614457503dffd80ec7d25bd22d8c0b095ee096f5182a1713f496f97ca7d99b2daf5d0547ec3b3a9d9655f84bbb632d8c08dc823c18

  • SSDEEP

    1536:W7ZhA7pApw03vR03vuhP7ZhA7pApw03vR03vuhS:6e7WpwYRYee7WpwYRYN

Score
9/10

Targets

    • Renames multiple (4932) files with added filename extension

      This suggests ransomware activity, encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
