4d0dabf226858d79c903e62f4422e95263f9c184f2c286e96a1d09560f44b6ec | Triage

Submit
Reports

Overview

overview

Static

static

Deniz_K_z_.bin.exe

windows7_x64

Deniz_K_z_.bin.exe

windows10_x64

Sharing

General

Target

Deniz_K_z_.bin.zip
Size

1.5MB
Sample

200722-ej86e5sbnj
MD5

ec873bd546dec40918564405d1e6a5e3
SHA1

8036cbe2f8a8f4b54f9777f4a9af9b9f27435567
SHA256

4d0dabf226858d79c903e62f4422e95263f9c184f2c286e96a1d09560f44b6ec
SHA512

737d741ff2c35e789e3f073cc698ca472c9735352368068c57e972d83e94c0ada43c83bd5d95023f061ee9960ca07fec4bab40964fdf8da42f1d98391e6eb1ef

Score

10^/10

evasion persistence ransomware trojan

Static task

static1

Behavioral task

behavioral1

Sample

Deniz_K_z_.bin.exe

Resource

win7

evasion trojan persistence ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Deniz_K_z_.bin.exe

Resource

win10

evasion trojan ransomware persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Deniz_K_z_.bin
- Size
  
  3.4MB
- MD5
  
  fc78e6e58352151fb77a4b92f239d381
- SHA1
  
  4dda3af9601922394f0c16713180beb2ec88c050
- SHA256
  
  c8d49d874454bf1fa50cb7e4c00677e028af38e1d22e41476634d5d5a349cd7e
- SHA512
  
  4df0c69609087abc21be95574b6b09ff12253177a1dfee101ae7e24aa754d494fc837c41cfe636a686b644c9ebe7bf79fe805478ed75ee66a183208f7b3ca489
Score

10^/10

evasion trojan persistence ransomware
- UAC bypass
  evasion trojan
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Disables Task Manager via registry modification
  evasion
- Drops file in Drivers directory
- Modifies Windows Firewall
  evasion
- Checks whether UAC is enabled
  evasion trojan
- Modifies service
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

File Deletion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasiontrojanpersistenceransomware

behavioral2

evasiontrojanransomwarepersistence

© 2018-2025

Terms | Privacy