Overview

overview

9

Static

static

3

7dc09842a1...4N.exe

windows7-x64

9

7dc09842a1...4N.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    120s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 02:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7dc09842a1683995f4159114fc097acd9705bd7fd684e7f7ad9c36d954c5eed4N.exe

  • Size

    82KB

  • MD5

    8b75ed46bd066e1edef0010e0ade9c40

  • SHA1

    3d12d0174d50a412a1170332d09adf51e827209f

  • SHA256

    7dc09842a1683995f4159114fc097acd9705bd7fd684e7f7ad9c36d954c5eed4

  • SHA512

    df85c364a903a0e811832c1335b9681b405f1ea82d953b61d483d21ac9c8e2fd6c8cc94d081ad77cb597750d92b995b0b5a2d4d27f524d1a5ad8004fbba75ee2

  • SSDEEP

    1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+ejy0Wjy0WzYp:6e7WpMaxeb0CYJ97lEYNR73e+eGGG

Score
9/10
discoveryransomware

Malware Config

Signatures

  • Renames multiple (282) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\7dc09842a1683995f4159114fc097acd9705bd7fd684e7f7ad9c36d954c5eed4N.exe
    "C:\Users\Admin\AppData\Local\Temp\7dc09842a1683995f4159114fc097acd9705bd7fd684e7f7ad9c36d954c5eed4N.exe"
    1⤵
    • Drops file in Program Files directory
    • System Location Discovery: System Language Discovery
    PID:320

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-457978338-2990298471-2379561640-1000\desktop.ini.tmp
    Filesize

    82KB

    MD5

    c64ddc82b0b5ae53aa18bd37889b2e2f

    SHA1

    41f7092efb2af92ca8ce4bf1144621de0bc3444e

    SHA256

    85467d8d3ecb92af0f947e5bb14e31de1ce3993977889a59cfcb0e7522fe146d

    SHA512

    e2ced2432d528f9da775aba1d2ad7c311d3576a301de661b454291d650ff7e365582247eccd960f7c19be7b0dccb024e5db6c5ef33622c90926d09ebd8c7753d

    Download Submit

  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
    Filesize

    91KB

    MD5

    27db5c544d52cb57ac1d956b6197415c

    SHA1

    5724c83e74a4ef97269249b95a4cc02a74896cec

    SHA256

    af874e0bfbce558bbe44c16deaeab09bf8a4211583b25354cb25c49618a4d205

    SHA512

    9966c5e309961bbfd20ea87690155284a498ea795595528dc94fec9863e099027f2098452fe5f4879b9d2112467304727c30b83d7e0ef13a609ece603d226b38

    Download Submit