General

  • Target

    036c9ce43df09473de56b520cb70ac8c6d330c135279f2d0914c03911f4c95ce

  • Size

    96KB

  • Sample

    240825-wt6ngsyfql

  • MD5

    150b227522d284678bae583749fb22a5

  • SHA1

    7d00aca3886894a7d08801894b809be2488af148

  • SHA256

    036c9ce43df09473de56b520cb70ac8c6d330c135279f2d0914c03911f4c95ce

  • SHA512

    e091dcb33925ef8ee88c63c5805d12bda3965129667f2175bd390f55b9458cc39565efe45e761fe489d7edf67fb24ce7ee202e65a108a38adcae765b8abeeb95

  • SSDEEP

    1536:W7ZppApBULcfpHLcfpyDZ7ZppApBULcfpHLcfpyDc:6pWpBwchcwDDpWpBwchcwDc

Score
9/10

Targets

    • Renames multiple (4327) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
