General

  • Target

    f028ba43c00cce81834f95519a7b5e539466933f83a5ad24c83302508614be51N

  • Size

    824KB

  • Sample

    240920-nas92stdkr

  • MD5

    0c60d1eef39bdaf52a6ce5f37b5a4230

  • SHA1

    c10100bc22bc4a5a6dcbaa102affdd2acb9db6d7

  • SHA256

    f028ba43c00cce81834f95519a7b5e539466933f83a5ad24c83302508614be51

  • SHA512

    e6da74d4e749febc0eb28bb504d8ececc903b17abc97fc408df3ec8ecd6d69c1266cfd3ab3985132893af722390cdbacb570126a78976b5fbb16f55ddc0ff0e2

  • SSDEEP

    12288:UwCBtLC+EptUpQ9SeSChq3YvxFBSSRMT8PTp4ihozEU888888888888W8888888J:kNzCtUpQ9WWPBSSRMTEpXNm

Score
10/10

Targets

    • Detects Renamer worm.

      Renamer aka Grenam is a worm written in Delphi.

    • Renamer, Grenam

      Renamer aka Grenam is a worm written in Delphi.

    • Drops startup file

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
