88a2219b537ea94b1244c443f9292bd21fb09a5da421c5bcd88234f749865d34 | Triage

Submit
Reports

Overview

overview

9

Static

static

3

LegacyLauncher.exe

windows10-2004-x64

9

Resubmissions

09/05/2025, 20:39

250509-zfm6rsbp6s 7

08/05/2025, 06:11

250508-gxza9abm61 9

Sharing

Copy URL Twitter E-mail

General

Target

LegacyLauncher.exe
Size

112.4MB
Sample

250508-gxza9abm61
MD5

2fd494a48ce90891a3307c749c3f3f13
SHA1

0b9bf19e39750dfacc2a6f678fd0d0ae3db229be
SHA256

88a2219b537ea94b1244c443f9292bd21fb09a5da421c5bcd88234f749865d34
SHA512

2f02287cbeb437699dc7014d045fb46bf1b7a452d69e225f889f97c3a75cb84e91336e91c17a5b69604f0de216ec9d57f1b0b257ed97a40214426165e143813d
SSDEEP

3145728:cyz7ZdUGd578MT6yCp5tfF6yFyreHCR249ge0hW7:cyz7ZdUGw/7xF6yildgeWI

Score

9^/10

discovery ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

LegacyLauncher.exe

Resource

win10v2004-20250502-en

discovery ransomware

windows10-2004-x64

25 signatures

600 seconds

Malware Config

Targets

- Target
  
  LegacyLauncher.exe
- Size
  
  112.4MB
- MD5
  
  2fd494a48ce90891a3307c749c3f3f13
- SHA1
  
  0b9bf19e39750dfacc2a6f678fd0d0ae3db229be
- SHA256
  
  88a2219b537ea94b1244c443f9292bd21fb09a5da421c5bcd88234f749865d34
- SHA512
  
  2f02287cbeb437699dc7014d045fb46bf1b7a452d69e225f889f97c3a75cb84e91336e91c17a5b69604f0de216ec9d57f1b0b257ed97a40214426165e143813d
- SSDEEP
  
  3145728:cyz7ZdUGd578MT6yCp5tfF6yFyreHCR249ge0hW7:cyz7ZdUGw/7xF6yildgeWI
Score

9^/10

discovery ransomware
- Renames multiple (186) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops desktop.ini file(s)
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Network Service Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

© 2018-2025

Terms | Privacy

	
		OSZAR »