Analysis

  • max time kernel
    119s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    18/09/2024, 08:55

General

  • Target

    d35f277cde36e5a9f767cd50b733d4c4446e5e820d31e5b66194f400a4affac9N.exe

  • Size

    35KB

  • MD5

    fce922c2b253f59d5bbfc73d9571aa60

  • SHA1

    b8bcb36f2e37a0f0f45ecb6b493932af5f3ab97c

  • SHA256

    d35f277cde36e5a9f767cd50b733d4c4446e5e820d31e5b66194f400a4affac9

  • SHA512

    5003e1dcfb7f0e062d58f9bc7410030d560fce883afdf9ef66f50b208a4bd86a826da3833b6f6b5dc6f282ac6cd252691ce9f961af71ed87fe07d2c88c6dc284

  • SSDEEP

    768:W7BlphA7pARFbhM0Kkq81LOyq81LOl6Sl5ltg:W7ZhA7pApM21LOA1LOl6Ag

Score
9/10

Malware Config

Signatures

  • Renames multiple (4673) files with added filename extension

    This pattern is consistent with ransomware encrypting files across the system and renaming each one with an appended extension.

  • Drops file in Program Files directory (64 IoCs)
  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.
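
The mass-rename signature above is a heuristic, and the same heuristic is easy to apply to a file-event log from an EDR or a sandbox. The following Python is added here as a worked example and is not part of the sandbox report or its vendor's tooling: it counts, per process, renames in which the destination path is the source path plus an appended extension, flags any process that crosses a threshold, and separately tallies file creates under Program Files (the second signature). The event format, the threshold of 50, and the sample events are constructed assumptions; the ".tmp" extension in the sample mirrors the dropped files listed under Downloads.

```python
"""Heuristic detection for mass renames with an appended extension.

Added example; the event format, threshold and sample data are constructed
and are not taken from the sandbox report above.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional

RENAME_THRESHOLD = 50  # assumption: tune per environment / observation window
PROGRAM_FILES_PREFIXES = ("c:\\program files\\", "c:\\program files (x86)\\")


@dataclass
class FileEvent:
    pid: int
    op: str            # "rename" or "create" (constructed, simplified schema)
    path: str          # source path for renames, created path for creates
    new_path: str = "" # destination path for renames


def appended_extension(src: str, dst: str) -> Optional[str]:
    """Return the extension appended to src to produce dst, or None.

    Only a pure suffix of the form ".ext" counts; a rename to a different
    base name or into another directory does not.
    """
    s, d = src.lower(), dst.lower()
    if not d.startswith(s):
        return None
    tail = d[len(s):]
    if len(tail) < 2 or not tail.startswith(".") or "\\" in tail:
        return None
    return tail


def analyze(events: List[FileEvent]) -> Dict[str, object]:
    """Count appended-extension renames and Program Files creates per PID."""
    rename_counts: Dict[int, Dict[str, int]] = defaultdict(lambda: defaultdict(int))
    program_files_drops: Dict[int, int] = defaultdict(int)

    for ev in events:
        if ev.op == "rename":
            ext = appended_extension(ev.path, ev.new_path)
            if ext:
                rename_counts[ev.pid][ext] += 1
        elif ev.op == "create" and ev.path.lower().startswith(PROGRAM_FILES_PREFIXES):
            program_files_drops[ev.pid] += 1

    findings = []
    for pid, exts in rename_counts.items():
        for ext, n in exts.items():
            if n >= RENAME_THRESHOLD:
                findings.append({
                    "pid": pid,
                    "extension": ext,
                    "count": n,
                    "program_files_drops": program_files_drops.get(pid, 0),
                })
    return {"findings": findings, "program_files_drops": dict(program_files_drops)}


def build_sample_events() -> List[FileEvent]:
    """Constructed event log: one noisy process and one benign process."""
    events: List[FileEvent] = []
    for i in range(60):  # 60 documents renamed to <name>.tmp by PID 3452
        src = f"C:\\Users\\Admin\\Documents\\file{i}.docx"
        events.append(FileEvent(3452, "rename", src, src + ".tmp"))
    events.append(FileEvent(3452, "create", "C:\\Program Files\\7-Zip\\7-zip.dll.tmp"))
    events.append(FileEvent(3452, "create", "C:\\Program Files\\7-Zip\\readme.txt.tmp"))
    # Benign activity: a single backup rename, a plain rename, a temp file.
    events.append(FileEvent(900, "rename", "C:\\Users\\Admin\\report.docx",
                            "C:\\Users\\Admin\\report.docx.bak"))
    events.append(FileEvent(900, "rename", "C:\\Users\\Admin\\a.txt",
                            "C:\\Users\\Admin\\b.txt"))
    events.append(FileEvent(900, "create", "C:\\Users\\Admin\\AppData\\Local\\Temp\\x.tmp"))
    return events


if __name__ == "__main__":
    result = analyze(build_sample_events())
    for f in result["findings"]:
        print(f"PID {f['pid']}: {f['count']} files renamed with appended "
              f"'{f['extension']}', {f['program_files_drops']} creates under Program Files")
```

The per-extension grouping matters: a backup tool renaming a handful of files to ".bak" stays under the threshold, while a single process appending one extension to thousands of files in a short window is the behaviour the signature describes.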

Processes

  • C:\Users\Admin\AppData\Local\Temp\d35f277cde36e5a9f767cd50b733d4c4446e5e820d31e5b66194f400a4affac9N.exe
    "C:\Users\Admin\AppData\Local\Temp\d35f277cde36e5a9f767cd50b733d4c4446e5e820d31e5b66194f400a4affac9N.exe"
    • Drops file in Program Files directory
    • System Location Discovery: System Language Discovery
    PID: 3452

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\$Recycle.Bin\S-1-5-21-786284298-625481688-3210388970-1000\desktop.ini.tmp

    Filesize

    35KB

    MD5

    434f0907ff1d42ee6b348e86588a05c6

    SHA1

    024a3c53a272038f956efc38254e2aaa7a46a82b

    SHA256

    fe746ce6a801642a6b0d0ed6909270b7c018beed4cbf812e570c6afc85eb08c6

    SHA512

    d76ee2f474eb0152981c689d1948c6a8a8e34b8fa006676f08126f37849b7d35c454d3cbd8bc2edd2c8950c0bd5a776296efa73415509297844e118b311e7a8b

  • C:\Program Files\7-Zip\7-zip.dll.tmp

    Filesize

    134KB

    MD5

    6e9bd1c029198b2445b62a754a4e76a1

    SHA1

    b09afeb89cb1ec2075145d25be7cdb334555c91c

    SHA256

    440c33d57fe7157edf81b2afb1ff9e8b6f50a726737eb38586aab073962b1812

    SHA512

    ee6aaa35981ead91a57522a91667f5dd48432834c6689ed514e7fc0272c4cb8a020361e6808858d306c927ae7144ca74b2d89b54687e59fb1251e1612a4219bf