Analysis

  • max time kernel
    67s
  • max time network
    110s
  • platform
    windows10_x64
  • resource
    win10
  • submitted
    25-07-2020 07:29

General

  • Target

    wyvernlocker.bin.exe

  • Size

    15KB

  • MD5

    1ae93141c7fdc45dd4784c9e427a2fdd

  • SHA1

    6f7ca46e99944e32263481a319ce9bd7e15c3eae

  • SHA256

    5d24babb98043b1133cc36ec6e4537e5ee515e9e9cadf709021f6961f6e40758

  • SHA512

    ad874a785ce815886d7d2e14de48751b688602d38c5ebef40a32374aeb4918e6328f021f708b0201cf8c76b0de2236369d1138b898f0d0156286fcae4fa37e04

Score
8/10

Malware Config

Signatures

  • Drops file in Program Files directory 16386 IoCs
  • Drops desktop.ini file(s) 3 IoCs
  • Modifies extensions of user files 10 IoCs

    Ransomware generally changes the extension on encrypted files.

Processes

  • C:\Users\Admin\AppData\Local\Temp\wyvernlocker.bin.exe
    "C:\Users\Admin\AppData\Local\Temp\wyvernlocker.bin.exe"
    1⤵
    • Drops file in Program Files directory
    • Drops desktop.ini file(s)
    • Modifies extensions of user files
    PID:2984

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads