General

  • Target

    05d80f8b4f303c2793f2abeb7c31ec911efe133af7703ea3a103c64ba6305697N

  • Size

    192KB

  • Sample

    240919-gzzpssvblc

  • MD5

    979c95aeb6efb074f0dffc9a65c7b580

  • SHA1

    38febbe7b8b93b7376431c2a6207c13d4ef47070

  • SHA256

    05d80f8b4f303c2793f2abeb7c31ec911efe133af7703ea3a103c64ba6305697

  • SHA512

    5aa2c89107fc483cda647d9281f956b5be1f35390be70d38ae61a3707d315c44957e1835e8e42cf0f8870240fe2e343c8dbd20568ea9c4587be1e4b2b4f8a3f9

  • SSDEEP

    6144:RqlIyFESWu0SWu86jYleqZqlIyFESWu0SWu86jYleqg:tyW6jYvyW6jYq

Score
9/10

Malware Config

Targets

    • Target

      05d80f8b4f303c2793f2abeb7c31ec911efe133af7703ea3a103c64ba6305697N

    • Renames multiple (4100) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
