Analysis

  • max time kernel
    119s
  • max time network
    103s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    21/08/2024, 15:34

General

  • Target

    71cc07b0f7caec92e388f8895e0a7990N.exe

  • Size

    30KB

  • MD5

    71cc07b0f7caec92e388f8895e0a7990

  • SHA1

    d741b6a568352ead916fd865b7b415ef1b40e64e

  • SHA256

    5eb157448dd2687feb6f7216176710e2256aaa84562f8c168bc9dff7d908bbd6

  • SHA512

    9a9b138a4dd713a3e73afea790a53003e8bb4eead76f104f3eab64a4c84b8481fcbc4aafa24a6ff191d21ae2395541ca5295fd02e7a370b01d1633bdff6a8578

  • SSDEEP

    192:tACUADIY0Br5xjL/ScAgAQmP1oynLb22vtPeGyvyq1iGyvyq/Z0Z7:GBt7Br5xjLfAgA71FbhvtPckZ0Z7

Score
9/10

Malware Config

Signatures

  • Renames multiple (4658) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops file in Program Files directory 64 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\71cc07b0f7caec92e388f8895e0a7990N.exe
    "C:\Users\Admin\AppData\Local\Temp\71cc07b0f7caec92e388f8895e0a7990N.exe"
    1⤵
    • Drops file in Program Files directory
    • System Location Discovery: System Language Discovery
    PID:1912

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\$Recycle.Bin\S-1-5-21-2392887640-1187051047-2909758433-1000\desktop.ini.tmp

          Filesize

          30KB

          MD5

          8edd982b7939de8108af80be78987546

          SHA1

          c37085c272f829207137a71f37a8d69f0f4a0be2

          SHA256

          8148e90f7383df61eecaf8f1854245cab503012d9254823998055b3fa775b697

          SHA512

          dfb15a4921c7b43a57541f5decf2b6f95e505ed52b930e5d8377d1ff1b9920b66b40e2424652f6b2e27c7ae0101c1a0c4bd5161225c7da6bb1340602941189d1

        • C:\Program Files\7-Zip\7-zip.dll.tmp

          Filesize

          129KB

          MD5

          846d5a091158c478416f69729ecbf6f2

          SHA1

          3ae1ed075a2488430306dffa5b8a1f365e923acb

          SHA256

          fd322f442be7cf9de76d3bc45bd336c92f545882b268b806750a6aa3fd51d6f8

          SHA512

          93d269f6dd7e77647b0189b9a08ac24784627202d040fff6042dadcff9bc6b50366d6d746fceb56ded37c82a2ef41f97da71d760d6dfeb9fe65167d544864c3f