General

  • Target

    4f6d5965280ed4995ec5806e0658f08388194fd12a8848c0b9f70034143c2cb7N

  • Size

    132KB

  • Sample

    241014-xahb8atfrj

  • MD5

    7e3b497e8f252e10b9d4da2a6e939d30

  • SHA1

    f79ad35889f8cc176009ec0d6320f9bedac8e737

  • SHA256

    4f6d5965280ed4995ec5806e0658f08388194fd12a8848c0b9f70034143c2cb7

  • SHA512

    c1712765445548eefb2528b193dc79816ef0134a51780d73137b2288a7c6fe73297128b10e893d57d94b81a40522af3e92ee937da5b31df06fb91651a395de3d

  • SSDEEP

    3072:6pWpBwchcwDqqupWpBwchcwDqqOpWpBwchcwDqqu:PPfK

Score
9/10

Targets

    • Target

      4f6d5965280ed4995ec5806e0658f08388194fd12a8848c0b9f70034143c2cb7N

    • Renames multiple (3270) files with added filename extension

      This suggests ransomware activity, i.e. encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
