Overview

overview

10

Static

static

4e2554b448...1e.exe

windows7_x64

10

4e2554b448...1e.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4e2554b448424859b508433e6c4a043718343febc7894a849f446dd197b47d1e

  • Size

    350KB

  • Sample

    200806-pjwj6an91s

  • MD5

    90c0d9bae24b7101eb934b5e4ad2e4f4

  • SHA1

    c9ddea45341162e1d4635da3a30a01f8e8819640

  • SHA256

    4e2554b448424859b508433e6c4a043718343febc7894a849f446dd197b47d1e

  • SHA512

    a155644217228e19e28389529ceb864c57d6ac8229e881af7ccf38e09986995d92d8bd51e548a93d165415dc7c468cf3e2bcfb57de6c5eac19e3aa5c497bc598

Score
10/10
mazepersistenceransomwarespywaretrojan

Malware Config

Targets

    • Target

      4e2554b448424859b508433e6c4a043718343febc7894a849f446dd197b47d1e

    • Size

      350KB

    • MD5

      90c0d9bae24b7101eb934b5e4ad2e4f4

    • SHA1

      c9ddea45341162e1d4635da3a30a01f8e8819640

    • SHA256

      4e2554b448424859b508433e6c4a043718343febc7894a849f446dd197b47d1e

    • SHA512

      a155644217228e19e28389529ceb864c57d6ac8229e881af7ccf38e09986995d92d8bd51e548a93d165415dc7c468cf3e2bcfb57de6c5eac19e3aa5c497bc598

    Score
    10/10
    ransomwaretrojanmazespywarepersistence

    • Maze

      Ransomware family also known as ChaCha.

      trojanransomwaremaze

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

      ransomware

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Modifies service

      persistence

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks