hiddentear | 7edb91b25e27f0962468f46bfc21ad1a439796c2d25d0b688229d4827da0d062 | Triage

Resubmissions

24-02-2022 22:15

220224-16l7tsdgd2 10

21-10-2020 09:53

201021-e9lzaent22 10

Sharing

General

Target

software-launcher.bin.zip
Size

58KB
Sample

201021-e9lzaent22
MD5

c237794c651e499d5045bb81c97fa6bc
SHA1

d8878f82aac5b67de67346feb98593e235df8e52
SHA256

7edb91b25e27f0962468f46bfc21ad1a439796c2d25d0b688229d4827da0d062
SHA512

82ad580bc7316e6ab70d6e22013bc9dde6286b9b0c654af427a85cff0af0f45550587c5f02c3008308f4e4ff65ae1c00d375aaf41f5fe6f96e9c21d370ffa758

Score

10^/10

hiddentear ransomware

Malware Config

Targets

- Target
  
  software-launcher.bin
- Size
  
  207KB
- MD5
  
  900c456cbcd61ed2bf91378112e93eb0
- SHA1
  
  c227ca088a4f80729b83396cafa0152d9778254e
- SHA256
  
  fd945e2cc6d1b3a453135d5df04eeccbfd16f76e0744dd27b99e0eccaa9053bd
- SHA512
  
  e9e71efbe7e70ece0d5022c401d6cb8c808237946b6a30fcfe18d8d43ea93460c04977015daf05a7baa5a9f1467c5ffdcf499a52706c27a0055529a3f38f0ba7
Score

10^/10

ransomware hiddentear
- HiddenTear Ransomware
  Open-Source ransomware available on Github since 2015, with many versions in the wild.
  ransomware hiddentear
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ransomwarehiddentear

behavioral2

ransomwarehiddentear