Analysis

  • max time kernel
    120s
  • max time network
    102s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    03-10-2024 23:11

General

  • Target

    315e283c6eebb51c560bac601e1a2cd111f444d4341813986272f2a9ed4b8f04N.exe

  • Size

    94KB

  • MD5

    60434b6922f9c9729af1e0f188be2060

  • SHA1

    48cda778d91eab16384cd26b43c5cc3e134447e7

  • SHA256

    315e283c6eebb51c560bac601e1a2cd111f444d4341813986272f2a9ed4b8f04

  • SHA512

    4fb1b3d441b3581ab8bb4ba7ef2302a63d4b037b92908de7371ad90b1fa8b8c5ab463cffc5946a0b74da8c4f4a0bccda1041862fd04402732eb9745eeec4e25c

  • SSDEEP

    1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+ejy0Wjy0WzYjh4J/e8J/eYTC:6e7WpMaxeb0CYJ97lEYNR73e+eGGW

Score
9/10

Malware Config

Signatures

  • Renames multiple (4382) files with added filename extension

    This suggests ransomware activity: files across the system are encrypted and each is given an additional filename extension.

  • Drops file in Program Files directory (64 IoCs)
  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.
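The mass-rename signature above is a heuristic: one process appending the same extension to a large number of files in a short time. As an added example that is not part of the sandbox report, the following Python implements that heuristic over constructed rename events (PID 664 is the analysed process; PIDs 1200 and 1300, the paths, the 100-file/60-second thresholds and the timestamps are all assumptions made for illustration) and adds a small hash check that recomputes the digest types listed in this report for a byte string. The real sample is not available here, so the hash check runs on a constructed blob.

```python
# Added example (not part of the sandbox report): a heuristic for the
# "renames multiple files with added filename extension" signature, run over
# constructed file-rename events, plus a hash check for reported digests.
import hashlib
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta
from pathlib import PureWindowsPath
from typing import Optional


@dataclass(frozen=True)
class RenameEvent:
    ts: datetime
    pid: int
    src: str  # path before the rename
    dst: str  # path after the rename


def added_extension(src: str, dst: str) -> Optional[str]:
    """Return the appended extension when dst is src plus one more extension
    in the same directory, e.g. 'desktop.ini' -> 'desktop.ini.tmp' gives '.tmp'.
    A replaced extension ('a.txt' -> 'a.pdf') or a move to another directory
    returns None, so ordinary edits do not count towards the threshold."""
    s, d = PureWindowsPath(src), PureWindowsPath(dst)
    if s.parent != d.parent or not d.name.startswith(s.name + "."):
        return None
    ext = d.name[len(s.name):]
    return ext if len(ext) > 1 else None


def detect_mass_rename(events, threshold=100, window=timedelta(seconds=60)):
    """Flag PIDs that append the same extension to >= threshold files inside
    any interval of length `window`. Returns {pid: (extension, peak_count)}.
    Thresholds are illustrative assumptions, not values from the report."""
    per_key = defaultdict(list)  # (pid, ext) -> timestamps
    for ev in events:
        ext = added_extension(ev.src, ev.dst)
        if ext:
            per_key[(ev.pid, ext)].append(ev.ts)
    hits = {}
    for (pid, ext), stamps in per_key.items():
        stamps.sort()
        lo, peak = 0, 0
        for hi, t in enumerate(stamps):  # two-pointer sliding window
            while t - stamps[lo] > window:
                lo += 1
            peak = max(peak, hi - lo + 1)
        if peak >= threshold and peak > hits.get(pid, ("", 0))[1]:
            hits[pid] = (ext, peak)
    return hits


def verify_hashes(data: bytes, expected: dict) -> list:
    """Recompute the named digests (md5, sha1, sha256, sha512) of `data` and
    return the names whose hex value differs from `expected`; [] means all match."""
    return [name for name, hexval in expected.items()
            if hashlib.new(name, data).hexdigest().lower() != hexval.lower()]


# Constructed events: PID 664 appends .tmp to 150 files under Program Files
# within 30 s; two benign renames (hypothetical PIDs 1200 and 1300) for contrast.
T0 = datetime(2024, 10, 3, 23, 11, 0)
SAMPLE_EVENTS = [
    RenameEvent(T0 + timedelta(milliseconds=200 * i), 664,
                rf"C:\Program Files\App\file{i}.dll",
                rf"C:\Program Files\App\file{i}.dll.tmp")
    for i in range(150)
] + [
    RenameEvent(T0, 1200, r"C:\Users\Admin\report.docx", r"C:\Users\Admin\report.docx.bak"),
    RenameEvent(T0, 1300, r"C:\Users\Admin\notes.txt", r"C:\Users\Admin\notes.pdf"),
]

if __name__ == "__main__":
    print(detect_mass_rename(SAMPLE_EVENTS))  # {664: ('.tmp', 150)}
    blob = b"constructed stand-in, not the real sample"
    print(verify_hashes(blob, {"md5": hashlib.md5(blob).hexdigest(), "sha1": "00"}))  # ['sha1']
```

The `.tmp` extension is taken from the dropped files listed under Downloads. When triaging those outputs, compare each one's size to the file it replaces before treating it as an encrypted copy: `desktop.ini.tmp` at 95KB against a 94KB sample is a size pattern worth checking rather than assuming.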

Processes

  • C:\Users\Admin\AppData\Local\Temp\315e283c6eebb51c560bac601e1a2cd111f444d4341813986272f2a9ed4b8f04N.exe
    "C:\Users\Admin\AppData\Local\Temp\315e283c6eebb51c560bac601e1a2cd111f444d4341813986272f2a9ed4b8f04N.exe"
    • Drops file in Program Files directory
    • System Location Discovery: System Language Discovery
    PID:664

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\$Recycle.Bin\S-1-5-21-656926755-4116854191-210765258-1000\desktop.ini.tmp

    Filesize

    95KB

    MD5

    37a4dc4a1cb8174158f39eeede4bb1c2

    SHA1

    5dee121f7938d3e4d251e6e3c5b2d5276a49a230

    SHA256

    4b89979d7efa32bdddc5528ef1195c06c2c5760aa36800892f2af578f4fa52eb

    SHA512

    b049a3d7eb656da9d36e949b992bd5127db84d6f13a364c5e5cd0934e55da0cace9a0afb2972a535242e711f0fa839f5af8e3211eda82febc3b7cd8045677817

  • C:\Program Files\7-Zip\7-zip.dll.tmp

    Filesize

    193KB

    MD5

    bb7e41bd17ae6d214598396dc165edbe

    SHA1

    9eea775f60da1a3e22f1086bf246a2574e45f90d

    SHA256

    1455238d332e341258305942684b61f07f6856e3ad1f39b096f5e9bf7b64ca81

    SHA512

    6bb5150aa6faf4c5c6cd36ccc4a8904e036517bb00e245a08dd4e17f901c1c2057834d789b9422dea44a6ca5b5b1d6d8897f1bc9715dbcf023cde87ef067188a