Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    18/09/2024, 23:19

General

  • Target

    7b19d6eb87c2c2a29f1e19e69c6fd4eb141b4822078fb03ec724db45e1279bbf.exe

  • Size

    50KB

  • MD5

    cb6f8067ede7a6b6b442c0aa6ab9346a

  • SHA1

    fae618451dba628da4444dcc253fd5527ebbd8aa

  • SHA256

    7b19d6eb87c2c2a29f1e19e69c6fd4eb141b4822078fb03ec724db45e1279bbf

  • SHA512

    fae52a7a50ab3ee98c5fe3d5b67e5244fcf5e7397587dfa6038bb23d1bf87b29e07025b2a72b557800a1101a75a13179dac2cffca9f3a9a6fb41387e33104d9c

  • SSDEEP

    768:W7BlphA7pARFbhL801VvM801Vvv7PZaZP:W7ZhA7pApw03vR03vY

Score
9/10

Malware Config

Signatures

  • Renames multiple (5199) files with added filename extension

    This is consistent with ransomware behaviour: encrypting files across the system and appending an extension to each one as it is rewritten.

  • Drops file in Program Files directory (64 IoCs)
  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of the victim in order to infer the geographical location of the host.
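
The first signature above is a count of rename events attributed to one process. The following detector reproduces that logic over a rename log: it groups renames by PID, keeps only those where the new name is the old name plus an appended extension, and flags a PID that does this to many files across several directories. This is an added example, not the sandbox's own signature code; the event schema (pid, old_path, new_path), the threshold values and the `.locked` extension in the constructed sample events are assumptions for illustration. The PID 3220 in the sample events is borrowed from the process listing on this page only as a label.

```python
"""Detect mass file renames that append an extension (added example, not sandbox code).

The event format below is a constructed, simplified rename log:
(pid, old_path, new_path). It is not a real Sysmon/ETW schema.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional, Set
import ntpath  # Windows path semantics regardless of the host the detector runs on


@dataclass(frozen=True)
class RenameEvent:
    pid: int
    old_path: str
    new_path: str


def appended_extension(old_path: str, new_path: str) -> Optional[str]:
    """Return the extension that was appended if new_path == old_path + '.<ext>'
    within the same directory; otherwise None (a plain rename is not interesting)."""
    old_dir, old_name = ntpath.split(old_path)
    new_dir, new_name = ntpath.split(new_path)
    if old_dir.lower() != new_dir.lower():
        return None
    if not new_name.lower().startswith(old_name.lower() + "."):
        return None
    ext = new_name[len(old_name) + 1:]
    return ext.lower() if ext else None


def flag_mass_renames(events: List[RenameEvent], threshold: int = 50,
                      min_directories: int = 3) -> List[Dict[str, object]]:
    """Group rename events by PID and appended extension; flag a PID when it appends
    the same extension to at least `threshold` distinct files spread over at least
    `min_directories` directories (assumed thresholds, tune to your environment)."""
    per_pid: Dict[int, Dict[str, Set[str]]] = defaultdict(lambda: defaultdict(set))
    for ev in events:
        ext = appended_extension(ev.old_path, ev.new_path)
        if ext:
            per_pid[ev.pid][ext].add(ev.old_path.lower())

    findings: List[Dict[str, object]] = []
    for pid, by_ext in per_pid.items():
        for ext, files in by_ext.items():
            dirs = {ntpath.dirname(f) for f in files}
            if len(files) >= threshold and len(dirs) >= min_directories:
                findings.append({"pid": pid, "extension": ext,
                                 "files": len(files), "directories": len(dirs)})
    # Most prolific process first
    return sorted(findings, key=lambda f: -int(f["files"]))


def constructed_events() -> List[RenameEvent]:
    """Constructed sample log: a benign process touching two files, one process
    renaming many files across user and Program Files directories, plus noise."""
    events = [
        # Benign: an updater keeping backups of two files (stays below threshold)
        RenameEvent(4412, r"C:\Program Files\App\app.dll", r"C:\Program Files\App\app.dll.bak"),
        RenameEvent(4412, r"C:\Program Files\App\app.exe", r"C:\Program Files\App\app.exe.bak"),
        # Noise: a rename that changes the base name, not an appended extension
        RenameEvent(3220, r"C:\Users\Admin\Desktop\a.txt", r"C:\Users\Admin\Desktop\b.txt"),
    ]
    dirs = [r"C:\Users\Admin\Documents", r"C:\Users\Admin\Pictures",
            r"C:\Program Files\7-Zip", r"C:\Users\Admin\Desktop"]
    # Suspicious: one PID appending the same (assumed) extension to 120 files in 4 directories
    for i in range(120):
        d = dirs[i % len(dirs)]
        events.append(RenameEvent(3220, rf"{d}\file{i}.docx", rf"{d}\file{i}.docx.locked"))
    return events


if __name__ == "__main__":
    for finding in flag_mass_renames(constructed_events()):
        print(finding)
```

The `min_directories` condition is what separates an archiver or updater working inside one folder from a process sweeping the whole profile and Program Files tree; the `threshold` on its own would also catch a bulk `.bak` backup in a single directory.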

Processes

  • C:\Users\Admin\AppData\Local\Temp\7b19d6eb87c2c2a29f1e19e69c6fd4eb141b4822078fb03ec724db45e1279bbf.exe (PID 3220, process tree depth 1)
    Command line: "C:\Users\Admin\AppData\Local\Temp\7b19d6eb87c2c2a29f1e19e69c6fd4eb141b4822078fb03ec724db45e1279bbf.exe"
    • Drops file in Program Files directory
    • System Location Discovery: System Language Discovery

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\$Recycle.Bin\S-1-5-21-786284298-625481688-3210388970-1000\desktop.ini.tmp

          Filesize

          50KB

          MD5

          1e7e9e50d332d643cda60b6b3134b230

          SHA1

          7294e08983eb494f594673fd9fae0c5b05901247

          SHA256

          45d4a5f80cb3fff84fff5119eb2f942a1cce40e6b73b83a40790bdf6e9bfc06f

          SHA512

          e541ed65cd5a1144c6372dc59305674a29f2a934d75ddb5b13d6a7a9386ae9a156a5e178b1ac6f109e78e06dae36c86be55eb94dad512bc6c6c05625e20bcd0c

        • C:\Program Files\7-Zip\7-zip.dll.tmp

          Filesize

          149KB

          MD5

          e8994ca6c9e040e2981143abf1275afa

          SHA1

          09b87edbe00d01d482dac0ebbad654d0aaf32df7

          SHA256

          b3c9c33076de0de017ae86b3a5e3291ba0c6d77788a1f71912db77096d15bf9c

          SHA512

          40769a7e2f2a3158a4277b29d57d5d533538762f8a4111c90ba93c57542186e9bbd87ba4f1c6272cffc876bd3ea67623a49974680abe3ce8b9b8aeed9a289514