General

  • Target

    e44eab0a701af7352ab9e07c88ed052cd3629cbd79728cbf2ed3ee91cbd1242b

  • Size

    165KB

  • Sample

    240701-efe5yavhlf

  • MD5

    0e0f10dc182795ec426257bec0146a39

  • SHA1

    0040d7d6095a6a3fad2f8cd4c0d0e52be84b2111

  • SHA256

    e44eab0a701af7352ab9e07c88ed052cd3629cbd79728cbf2ed3ee91cbd1242b

  • SHA512

    a738f8be1b2349eddf45702af82d38370ce54a986b76a27c19b302fad52c2d3021e6b9e2c3520b11caf16725baf6b1e4e36d429b8915ea4b7cccabbc8fd06c4a

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBV:PqFF2Ie+egKqFF2Ie+egp

Score
9/10

Targets

    • Renames multiple (84) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
