IRSdeclaration‮cod.exe

General
Target

IRSdeclaration‮cod.exe

Size

282KB

Sample

200313-8w7dt2yb5n

Score
9 /10
MD5

fe3fd53ddc7c229b1150d970a05947c0

SHA1

3abeddbbbd29310290955cc7c1a895550c92ab96

SHA256

c414bbb789af8e3fb93b33344b31f1991582ec0f06558b29a3178d2b02465c72

SHA512

8b94e67f48f90d7a0e463a7623ba6f87a5f4108f33587c8f579f29aa3c9b0a22f7e134470824d25dccb552bfc868b18cd3f05ef09aaceef2bab6984c21f203b4

Malware Config
Targets
Target

IRSdeclaration‮cod.exe

MD5

fe3fd53ddc7c229b1150d970a05947c0

Filesize

282KB

Score
9/10
SHA1

3abeddbbbd29310290955cc7c1a895550c92ab96

SHA256

c414bbb789af8e3fb93b33344b31f1991582ec0f06558b29a3178d2b02465c72

SHA512

8b94e67f48f90d7a0e463a7623ba6f87a5f4108f33587c8f579f29aa3c9b0a22f7e134470824d25dccb552bfc868b18cd3f05ef09aaceef2bab6984c21f203b4

Tags

Signatures

  • Deletes shadow copies

    Description

    Ransomware often targets backup files to inhibit system recovery.

    Tags

    TTPs

    File DeletionInhibit System Recovery
  • Deletes itself

  • Modifies service

    Tags

    TTPs

    Modify RegistryModify Existing Service

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Discovery
          Execution
            Exfiltration
              Initial Access
                Lateral Movement
                  Privilege Escalation
                    Tasks

                    static1

                    behavioral1

                    9/10

                    behavioral2

                    9/10