Overview

overview

9

Static

static

3

04a71f4429...0N.exe

windows7-x64

5

04a71f4429...0N.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    04a71f4429bed8d039e6ef7b8f500e00N.exe

  • Size

    89KB

  • Sample

    240901-brlkbaxarc

  • MD5

    04a71f4429bed8d039e6ef7b8f500e00

  • SHA1

    ee9328166626a40c390081d42d82b663cab8cd7d

  • SHA256

    28afc3241063e9d5d70540185e3ae7a14fb0a33649bbbbf14cc6c0b36b3d4d36

  • SHA512

    d76e08828af3f142f3624594b4ae3ba9348dc508f1a63a4cc6d5695381d1543f6caee81000a1cfed4df0f5bba0e4df2ff33bfefdc968302b0163cf66608e2948

  • SSDEEP

    1536:W7ZhA7pApM21LOA1LOl6Ad7ZhA7pApM21LOA1LOl6AOJOOJD:6e7WpMgLOiLOfe7WpMgLOiLOm

Score
9/10
discoveryransomware

Malware Config

Targets

    • Target

      04a71f4429bed8d039e6ef7b8f500e00N.exe

    • Size

      89KB

    • MD5

      04a71f4429bed8d039e6ef7b8f500e00

    • SHA1

      ee9328166626a40c390081d42d82b663cab8cd7d

    • SHA256

      28afc3241063e9d5d70540185e3ae7a14fb0a33649bbbbf14cc6c0b36b3d4d36

    • SHA512

      d76e08828af3f142f3624594b4ae3ba9348dc508f1a63a4cc6d5695381d1543f6caee81000a1cfed4df0f5bba0e4df2ff33bfefdc968302b0163cf66608e2948

    • SSDEEP

      1536:W7ZhA7pApM21LOA1LOl6Ad7ZhA7pApM21LOA1LOl6AOJOOJD:6e7WpMgLOiLOfe7WpMgLOiLOm

    Score
    9/10
    discoveryransomware

    • Renames multiple (4657) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks