General

  • Target

    c1c3330159abe28bce7e3baca6994a82aa917c3581e77a002a8c087c9e1a8cea

  • Size

    83KB

  • Sample

    240701-cre8zatamg

  • MD5

    7cf549d9fff1643e96508a8b0cac068d

  • SHA1

    1ae3edbbbebf31ac889cece6e60924d5d5cfb0f6

  • SHA256

    c1c3330159abe28bce7e3baca6994a82aa917c3581e77a002a8c087c9e1a8cea

  • SHA512

    d8c6e870e616e7f8f4a36b06987d37b204645c9fca275ea08547c22cc80610abfb34d2ea3113d62505289e29482bff5e558a0ca183f27f551996c70946889058

  • SSDEEP

    768:W7BlpppARFbhMK4og7BlpppARFbhMK4ov:W7ZppApMK4og7ZppApMK4ov

Score
9/10

Targets

    • Renames multiple (4444) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
