General

  • Target

    8a9e982f0bc91c51d56b2b8682a3fb649db3e6deb2d4d83b4d903bb94903ec6fN

  • Size

    90KB

  • Sample

    240919-hy4g2awhqp

  • MD5

    9ab69028d7b2264ad06ae4d993c36060

  • SHA1

    dc8064c87ace984a90afdda2a8a499305b00cc85

  • SHA256

    8a9e982f0bc91c51d56b2b8682a3fb649db3e6deb2d4d83b4d903bb94903ec6f

  • SHA512

    f91cab5d1f04a07b4675a524f1237c6da1bace1e355f71705ec48fd52d5bc8558d73a987c4ce6f47a11c3bbfe0024752dee7533ad6c55e54a3a4d3cee355735b

  • SSDEEP

    1536:W7ZhA7pApM21LOA1LO87ZhA7pApM21LOA1LOu5:6e7WpMgLOiLO8e7WpMgLOiLOs

Score
9/10

Targets

    • Target

      8a9e982f0bc91c51d56b2b8682a3fb649db3e6deb2d4d83b4d903bb94903ec6fN

    • Renames multiple (4301) files with added filename extension

      This suggests ransomware activity, namely encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
