Overview

overview

10

Static

static

1.bin.exe

windows7_x64

10

1.bin.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1.bin

  • Size

    645KB

  • Sample

    200715-rgdb7derz6

  • MD5

    79cdf459683c39e9704a37a6be9bc877

  • SHA1

    450d4f351c3dd168e313b309da4bd8a817453d1d

  • SHA256

    48689c986eb553e6a7aeba973501b9660cb1418d4ec3ba9d0511f82799d1422c

  • SHA512

    2cc3f164e92650c4d4aed7012da7d303d24cdc63565ed744a28cb6d59465189233a128a01f4b807aa972057e0d0d98742c5ca9b41a67bf59f0f115de30eb6bd4

Score
10/10
evasionpersistenceransomwaretrojan

Malware Config

Targets

    • Target

      1.bin

    • Size

      645KB

    • MD5

      79cdf459683c39e9704a37a6be9bc877

    • SHA1

      450d4f351c3dd168e313b309da4bd8a817453d1d

    • SHA256

      48689c986eb553e6a7aeba973501b9660cb1418d4ec3ba9d0511f82799d1422c

    • SHA512

      2cc3f164e92650c4d4aed7012da7d303d24cdc63565ed744a28cb6d59465189233a128a01f4b807aa972057e0d0d98742c5ca9b41a67bf59f0f115de30eb6bd4

    Score
    10/10
    evasiontrojanransomwarepersistence

    • UAC bypass

      evasiontrojan

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Checks whether UAC is enabled

      evasiontrojan

    • Drops desktop.ini file(s)

    • Enumerates connected drives

    • Modifies service

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks