General

  • Target

    b38bcc220a8a562c3d2300ebee17f970N.exe

  • Size

    106KB

  • Sample

    240821-trzq2sycqd

  • MD5

    b38bcc220a8a562c3d2300ebee17f970

  • SHA1

    953e00416aebdd35e322e7500745d038e6618b45

  • SHA256

    06a2f2b21d66f8a7c8ff338f3a227d6d0a0f283d9ec05329a8f65209cade31c9

  • SHA512

    0f00812406c7b81da93bf0f5439edf88e08aa683a489301d6a2e092843425e0c27b824f0196906df115fccb92c01de16835f23555dc6ad97838c5ce48cc245a8

  • SSDEEP

    3072:6pWpBwchcwDjw2w2sKs8pWpBwchcwDjw2w2sKsG:PrsKs9rsKsG

Score
9/10

Targets

    • Renames multiple (4234) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
