renamer | 40f03c122141183780da163945b11c303cd6e4a9e0acf0dfd61eb2f3afcd4b5a | Triage

Submit
Reports

Overview

overview

Static

static

Virus.Win3...am.exe

windows7-x64

Virus.Win3...am.exe

windows10-2004-x64

Sharing

General

Target

Virus.Win32.Grenam.B-40f03c122141183780da163945b11c303cd6e4a9e0acf0dfd61eb2f3afcd4b5aN
Size

824KB
Sample

240916-p8xkssyfkq
MD5

e6487e659e3689489b30f8baeffa5320
SHA1

3f1699bdc4b7e444dd29e4362f3fcc0b581692cb
SHA256

40f03c122141183780da163945b11c303cd6e4a9e0acf0dfd61eb2f3afcd4b5a
SHA512

0f39b968c7ef7dc57c87c23b0a429f9e028094abd3aeacb9a595d915e172de673d18eb1a5d29ce90e0952779916241fcd9b87d8d625f3d932721e827d1a60d1f
SSDEEP

12288:UwCBtLC+EptUpQ9SeSChq3YvxFBSSRMT8PTp4ihozEz888888888888W8888888J:kNzCtUpQ9WWPBSSRMTEpXNH

Score

10^/10

renamer discovery worm

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Virus.Win32.Grenam.exe

Resource

win7-20240903-en

renamer discovery worm

windows7-x64

9 signatures

120 seconds

Behavioral task

behavioral2

Sample

Virus.Win32.Grenam.exe

Resource

win10v2004-20240802-en

renamer discovery worm

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Targets

- Target
  
  Virus.Win32.Grenam.B-40f03c122141183780da163945b11c303cd6e4a9e0acf0dfd61eb2f3afcd4b5aN
- Size
  
  824KB
- MD5
  
  e6487e659e3689489b30f8baeffa5320
- SHA1
  
  3f1699bdc4b7e444dd29e4362f3fcc0b581692cb
- SHA256
  
  40f03c122141183780da163945b11c303cd6e4a9e0acf0dfd61eb2f3afcd4b5a
- SHA512
  
  0f39b968c7ef7dc57c87c23b0a429f9e028094abd3aeacb9a595d915e172de673d18eb1a5d29ce90e0952779916241fcd9b87d8d625f3d932721e827d1a60d1f
- SSDEEP
  
  12288:UwCBtLC+EptUpQ9SeSChq3YvxFBSSRMT8PTp4ihozEz888888888888W8888888J:kNzCtUpQ9WWPBSSRMTEpXNH
Score

10^/10

renamer discovery worm
- Detects Renamer worm.
  Renamer aka Grename is worm written in Delphi.
- Renamer, Grenam
  Renamer aka Grenam is a worm written in Delphi.
  worm renamer
- Drops startup file
- Loads dropped DLL
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

renamerdiscoveryworm

behavioral2

renamerdiscoveryworm

© 2018-2025

Terms | Privacy