General

  • Target

    ff39628cdc2bd0a9de0842343d24a720N.exe

  • Size

    85KB

  • Sample

    240823-vmqs1sxale

  • MD5

    ff39628cdc2bd0a9de0842343d24a720

  • SHA1

    7ee7b7436aaa45d6321695fff021920d85c4efbc

  • SHA256

    e63f086c42f8402223987137e37a0a05e752bc43297a8c1a06047ab1e084e8c7

  • SHA512

    d0c06e321be3a6378d0dd49fc19eff265d49e6a2f217d8cf498834f4772d169880e77e1205164fc91ac605bd940b12cfcb1701e52603eecec9f7603828452554

  • SSDEEP

    768:W7Blp9pARFbhxwWjS7Blp9pARFbhxwWjF:W7Z9pApxwR7Z9pApxwQ

Score
9/10

Targets

    • Target

      ff39628cdc2bd0a9de0842343d24a720N.exe

    • Renames multiple (4278) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
