General

  • Target

    23c1f9df01822d0ab458499f5739979fe937081798ab96ef0f50d40f1c064a2dN

  • Size

    96KB

  • Sample

    241013-k5n22atarl

  • MD5

    a62db601d01541ebc2463c04e95fed80

  • SHA1

    fde2fe71206b52d039b08ac345e90f8d8e1902ff

  • SHA256

    23c1f9df01822d0ab458499f5739979fe937081798ab96ef0f50d40f1c064a2d

  • SHA512

    e5aedc5e9b881459624ad74a5653b112dec897f4d980a4848c6805ce0bcf1fb25e99899164d49b9ac25e67accc81562d40138e3ec930d371212d84e7c54432fa

  • SSDEEP

    3072:6+Wp2naKIKNSarSaN+Wp2naKIKNSarSaD:AonzSarSaJonzSarSaD

Score
9/10

Targets

    • Target

      23c1f9df01822d0ab458499f5739979fe937081798ab96ef0f50d40f1c064a2dN

    • Renames multiple (4390) files with added filename extension

      This suggests ransomware activity, that is, encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
