Overview

overview

9

Static

static

3

d693a5af2d...15.exe

windows7-x64

9

d693a5af2d...15.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    24s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    01-07-2024 03:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d693a5af2daa7dc56f7082ea4d18efc91a63c8d40acfff03813ce5364b6de915.exe

  • Size

    80KB

  • MD5

    65f1822d76b1df7ab2db4b75ec9893f0

  • SHA1

    80caf95f51ff248710f6a5bdc4ec81f13c1dd363

  • SHA256

    d693a5af2daa7dc56f7082ea4d18efc91a63c8d40acfff03813ce5364b6de915

  • SHA512

    a23d8f811df4c9b30e4b785f6cbeb92860f5669a728a868bd96b562dc6f3c25045ddf1704b5baf5ebbefb1b1b06bba0644b1e9a281bce128c54b5328aebca29b

  • SSDEEP

    768:W7BlpDpARFbhYQkQjjIXYvPXzWPXzK3733uF4V7en5c5HChCrmh1444REXBwzEX1:W7ZDpApYbWjIoPyPoLzV7c6Sh1XSW

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (195) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d693a5af2daa7dc56f7082ea4d18efc91a63c8d40acfff03813ce5364b6de915.exe
    "C:\Users\Admin\AppData\Local\Temp\d693a5af2daa7dc56f7082ea4d18efc91a63c8d40acfff03813ce5364b6de915.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2548

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini.tmp
    Filesize

    80KB

    MD5

    b5257aa041f4dcf85f95d9a8cd9e8d82

    SHA1

    34a2c6cd1356cf9b41265f09fa351f39b12d004d

    SHA256

    7496287fc67e431be51dadb57f7674c391a4da294d9ed83c42ada3ecac3f0710

    SHA512

    4ba5580c7415764d56152876f08942379de36fc4fd29a72dd11093fb20a7e6318479d520539e8f06a151d0db874f517190438012f8b356f8a63dc103873fe59d

    Download Submit
  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
    Filesize

    89KB

    MD5

    247a63c44894b3b68db8b93750075289

    SHA1

    7a8315a1f1d524344d6a1ef3053052b614c8d0ed

    SHA256

    26b0f4229957a9c2c0e746ada28c22034fd9aa6e6bf500190599a71764304775

    SHA512

    42c1c06df09f9b54d0378c2275fa886fcebca0f65b363f81e988cd7939420d13cf749d5e9996e6189cd2a7b0cc20a7e400b854a6a31357a25c080f8b5063ed7f

    Download Submit