General

  • Target

    1b9614c5f134891f2274dd03ed8b7e70N

  • Size

    824KB

  • Sample

    240910-fnn89azalb

  • MD5

    1b9614c5f134891f2274dd03ed8b7e70

  • SHA1

    9dc7eb654353873d8e29e33e01195e1a2f2d5800

  • SHA256

    04b660d093f4fe1be297954762c60f25b216a374c30202c0a13e0163b4e8528d

  • SHA512

    b2e10524f81bad196c80a55c5246c83db49166a8f3ad0c930403a93848251ac6450db3cbb1a03098aab07b1e51672c466dc3d8070d7406dd62125914a6940934

  • SSDEEP

    12288:ZwCBtLC+EptUpQ9SeSChq3YvxFBSSRMT8PTp4ihozEd888888888888W8888888J:NNzCtUpQ9WWPBSSRMTEpXNV

Score
10/10

Malware Config

Targets

    Score
    10/10
    • Detects Renamer worm.

      Renamer aka Grenam is a worm written in Delphi.

    • Renamer, Grenam

      Renamer aka Grenam is a worm written in Delphi.

    • Drops startup file

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v15

Tasks