General

  • Target

    9f5edb7a59a4b75e0468b21e5c5352c0N.exe

  • Size

    86KB

  • Sample

    240821-gpl1yssgra

  • MD5

    9f5edb7a59a4b75e0468b21e5c5352c0

  • SHA1

    cf7a9bb6e7a2ab3ec30d45fb571925cdf2f3d4d6

  • SHA256

    2995b0ecf5cca6337513151eaf84a2f64d4be194598160de2448a980fec4111c

  • SHA512

    39007270c7aed487bf0bcfb138925ef26fd4635db42b87d6d5d81b13fac13fead7806f5e9724b76c31afd035059954bda68f3a29cca7f8631f4b0679b12a94eb

  • SSDEEP

    1536:W7Z2sspAp5YSfffS7Z2sspAp5YSfff2wD:62ssWpO2ssWpewD

Score
9/10

Targets

    • Renames multiple (4299) files with added filename extension

      This suggests ransomware activity, i.e. encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
