General

  • Target

    130d4473ed05d2883485347b31b705964c5491188a55b72009e79b79fa5aef2a.exe

  • Size

    824KB

  • Sample

    241120-wkjscsvngp

  • MD5

    fb906c89a44c72dbc6defbdf256a55d1

  • SHA1

    f79e9fb74936be290c4dfc1bc94b8dbad2ab5098

  • SHA256

    130d4473ed05d2883485347b31b705964c5491188a55b72009e79b79fa5aef2a

  • SHA512

    c2d5edd86a3cd84609d65f2a26297e920b4ddc556bb5673d3b4f0e9cf4293433731b210210462b1f2e194af6de087792a5c2921833e53f823e3ddf9971129e33

  • SSDEEP

    12288:ZwCBtLC+EptUpQ9SeSChq3YvxFBSSRMT8PTp4ihozEtg888888888888W888888E:NNzCtUpQ9WWPBSSRMTEpXNY

Score
10/10

Malware Config

Targets

    • Target

      130d4473ed05d2883485347b31b705964c5491188a55b72009e79b79fa5aef2a.exe

    • Size

      824KB

    • MD5

      fb906c89a44c72dbc6defbdf256a55d1

    • SHA1

      f79e9fb74936be290c4dfc1bc94b8dbad2ab5098

    • SHA256

      130d4473ed05d2883485347b31b705964c5491188a55b72009e79b79fa5aef2a

    • SHA512

      c2d5edd86a3cd84609d65f2a26297e920b4ddc556bb5673d3b4f0e9cf4293433731b210210462b1f2e194af6de087792a5c2921833e53f823e3ddf9971129e33

    • SSDEEP

      12288:ZwCBtLC+EptUpQ9SeSChq3YvxFBSSRMT8PTp4ihozEtg888888888888W888888E:NNzCtUpQ9WWPBSSRMTEpXNY

    Score
    10/10
    • Detects Renamer worm.

      Renamer aka Grename is worm written in Delphi.

    • Renamer family

    • Renamer, Grenam

      Renamer aka Grenam is a worm written in Delphi.

    • Drops startup file

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v15

Tasks