72b228f51cf5a1b7600f0e0848145e4e54e54838977a5a5b1c85f69b64b92cf5 | Triage

Resubmissions

13-11-2019 07:33

191113-s6xvalyd5a 0

12-11-2019 15:34

191112-9te2mt6rbs 0

04-11-2019 16:22

191104-pvpshym7va 0

Sharing

General

Target

test.zip
Size

7.3MB
Sample

191113-s6xvalyd5a
MD5

d67d29dfc872a069a1f6fe7eec57becb
SHA1

e47cf8238cfb8aa1012e5de1e44d46b23d867f97
SHA256

72b228f51cf5a1b7600f0e0848145e4e54e54838977a5a5b1c85f69b64b92cf5
SHA512

8302ebb02d97800dc6495101129930606a65096556b1d004b94d757a31d0c8935edca87d072d8c0059c055203bead0a2d59a0cf7150f6f954b0be0bfc9849dc7

Score

8^/10

ransomware

Malware Config

Targets

- Target
  
  91B5DB3C0CCBD68BD04C24571E27F99D.msi
- Size
  
  277KB
- MD5
  
  91b5db3c0ccbd68bd04c24571e27f99d
- SHA1
  
  b01cb4fe38315d41fcbe9c6278ebe4574496ab0d
- SHA256
  
  ec85138598c57c6a6bdb5ed470614f582d3b5a8c6b243eb2f41b9970ea13d130
- SHA512
  
  9f0b07f961625fcc06ee64fcfe5e35e0d40db81f75c3cbc584434c1925fac241db69cac3c1a1bf329d965a4df9bdaa53c13bb8ea3206e2c9d4facf7f74ba21b7
Score

8^/10

ransomware
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Discovering connected drives
  ransomware
task1 task2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

task1

task2