Overview

overview

9

Static

static

1

AnyDesk.exe

windows11-21h2-x64

9

Resubmissions

10-10-2024 18:32

241010-w64pnazgnd 5

10-10-2024 14:19

241010-rm4hbszcqh 9

10-10-2024 01:20

241010-bp4m4stcjc 9

10-10-2024 01:10

241010-bjsnnaydrm 5

08-10-2024 15:40

241008-s4h4dsxbmb 9

12-01-2024 18:13

240112-wt3xladfg9 3

12-01-2024 18:08

240112-wqwdcadadp 5

22-12-2023 23:33

231222-3j1stagbc5 3

22-12-2023 23:30

231222-3hbgjadfeq 3

20-12-2023 04:20

231220-eyel5aegh3 9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    AnyDesk.exe

  • Size

    5.2MB

  • Sample

    241008-s4h4dsxbmb

  • MD5

    37e172be64b12f3207300d11b74656b8

  • SHA1

    1895d7c4f785f92e48b5191fd812822593cbc73f

  • SHA256

    bc747e3bf7b6e02c09f3d18bdd0e64eef62b940b2f16c9c72e647eec85cf0138

  • SHA512

    98cf7a591beb4af2066ddd9d17caee69b3cbb42343cb4dc0d517fb99983159ae8e960c315030487b3ea22b2512359f108a6cfe15ec3b725c040ac06b877c88ff

  • SSDEEP

    98304:pgBOLscYr9NrQO6lSdAd7qvlyBhbUhrZsTY3ycd8izlxGhzAqK3:KOoc+dQO6+Ad7qdriTYlfzlIhMt

Score
9/10
defense_evasiondiscoveryransomware

Malware Config

Targets

    • Target

      AnyDesk.exe

    • Size

      5.2MB

    • MD5

      37e172be64b12f3207300d11b74656b8

    • SHA1

      1895d7c4f785f92e48b5191fd812822593cbc73f

    • SHA256

      bc747e3bf7b6e02c09f3d18bdd0e64eef62b940b2f16c9c72e647eec85cf0138

    • SHA512

      98cf7a591beb4af2066ddd9d17caee69b3cbb42343cb4dc0d517fb99983159ae8e960c315030487b3ea22b2512359f108a6cfe15ec3b725c040ac06b877c88ff

    • SSDEEP

      98304:pgBOLscYr9NrQO6lSdAd7qvlyBhbUhrZsTY3ycd8izlxGhzAqK3:KOoc+dQO6+Ad7qdriTYlfzlIhMt

    Score
    9/10
    defense_evasiondiscoveryransomware

    • Renames multiple (89) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Downloads MZ/PE file

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks