General

  • Target

    194a98609bd5a434517d3ab55203e9b3b251fd3b41453d4919a6d2f1899770c3

  • Size

    824KB

  • Sample

    250207-y74r6axmdr

  • MD5

    dab2c050c55c30dcd8f9826449b24c89

  • SHA1

    2bfe88ef1c89c3c73334ece281173bf2380421ce

  • SHA256

    194a98609bd5a434517d3ab55203e9b3b251fd3b41453d4919a6d2f1899770c3

  • SHA512

    52afc339b5097872cc977f892f3db202803260bc4d592f03f61d744241b2bcab21321b0e00416b300cbae1ebd8e0acc8404fbeb3b479c39e9e156fce76960108

  • SSDEEP

    12288:hwCBtLC+EptUpQ9SeSChq3YvxFBSSRMT8PTp4AhozEn888888888888W8888888J:lNzCtUpQ9WWPBSSRMTEptNT

Score
10/10

Targets

    • Target

      194a98609bd5a434517d3ab55203e9b3b251fd3b41453d4919a6d2f1899770c3

    Score
    10/10
    • Detects Renamer worm.

      Renamer aka Grenam is a worm written in Delphi.

    • Renamer family

    • Renamer, Grenam

      Renamer aka Grenam is a worm written in Delphi.

    • Downloads MZ/PE file

    • Drops startup file

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
