Overview

overview

10

Static

static

d65fa9ed12...25.exe

windows7_x64

10

d65fa9ed12...25.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d65fa9ed1220cfa12d22239ca62a4b5978bb613090fc1dcb0cccdf191151d125

  • Size

    351KB

  • Sample

    200624-v26gcz8kre

  • MD5

    391370b48b8f64f86c628742b03de53a

  • SHA1

    0c4ef4daef2458ae999d2d3bf3ee837491369a25

  • SHA256

    d65fa9ed1220cfa12d22239ca62a4b5978bb613090fc1dcb0cccdf191151d125

  • SHA512

    62527b56eb597c1a177f154793f0734ed3e54df7dfd36e619f07a44cee2e22190920fbd15d34a5c8fcdd54853cbad95a797c6fbadc0f5f19ddf25b13945b4adf

Score
10/10
mazepersistenceransomwarespywaretrojan

Malware Config

Targets

    • Target

      d65fa9ed1220cfa12d22239ca62a4b5978bb613090fc1dcb0cccdf191151d125

    • Size

      351KB

    • MD5

      391370b48b8f64f86c628742b03de53a

    • SHA1

      0c4ef4daef2458ae999d2d3bf3ee837491369a25

    • SHA256

      d65fa9ed1220cfa12d22239ca62a4b5978bb613090fc1dcb0cccdf191151d125

    • SHA512

      62527b56eb597c1a177f154793f0734ed3e54df7dfd36e619f07a44cee2e22190920fbd15d34a5c8fcdd54853cbad95a797c6fbadc0f5f19ddf25b13945b4adf

    Score
    10/10
    ransomwaretrojanmazepersistencespyware

    • Maze

      Ransomware family also known as ChaCha.

      trojanransomwaremaze

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Modifies service

      persistence

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks