710ae372c264b9b1d16b1a0a25a4cdae99ab4a4c67db1fea5ad4ecb3e894bcd4 | Triage

Sharing

General

Target

0c2013904dddc7a75d7cfb297b302b30b4ceb0caaf13af01097e422cfcd9392c.zip
Size

238KB
Sample

200728-799ac8kbrn
MD5

c746ef17eebce19cc1169fcefdc55572
SHA1

9bb4672037f452474396408d40735d1b37759c42
SHA256

710ae372c264b9b1d16b1a0a25a4cdae99ab4a4c67db1fea5ad4ecb3e894bcd4
SHA512

96eb199b80ce3055265c0ebfac4c9eea53b612d9bdfb6d6c639fac81c4d2802fc1efa6d4d15fc047edbed28a1724c3f6aa68532c327e5e159c00c1b8482e565c

Score

8^/10

ransomware spyware

Malware Config

Targets

- Target
  
  0c2013904dddc7a75d7cfb297b302b30b4ceb0caaf13af01097e422cfcd9392c
- Size
  
  537KB
- MD5
  
  dcc11d6bcb5db3714555eeab0f426355
- SHA1
  
  c85bf19f5cb2ea39aa1eab88c3da82be498c99e3
- SHA256
  
  0c2013904dddc7a75d7cfb297b302b30b4ceb0caaf13af01097e422cfcd9392c
- SHA512
  
  bd725a4c98a3324277c6f3553da0ab2b195155770816afe7cd12d83310edbb2a1a4234ec5eb24dd3fec365b748a14cc7394d8bf8d012dd975e4b573c63111ac1
Score

8^/10

ransomware spyware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ransomwarespyware

behavioral2

ransomwarespyware