hiddentear | 7edb91b25e27f0962468f46bfc21ad1a439796c2d25d0b688229d4827da0d062 | Triage

Resubmissions

24-02-2022 22:15

220224-16l7tsdgd2 10

21-10-2020 09:53

201021-e9lzaent22 10

Sharing

General

Target

software-launcher.bin.zip
Size

58KB
Sample

201021-e9lzaent22
MD5

c237794c651e499d5045bb81c97fa6bc
SHA1

d8878f82aac5b67de67346feb98593e235df8e52
SHA256

7edb91b25e27f0962468f46bfc21ad1a439796c2d25d0b688229d4827da0d062
SHA512

82ad580bc7316e6ab70d6e22013bc9dde6286b9b0c654af427a85cff0af0f45550587c5f02c3008308f4e4ff65ae1c00d375aaf41f5fe6f96e9c21d370ffa758

Score

10^/10

hiddentear ransomware

Malware Config

Targets

- Target
  
  software-launcher.bin
- Size
  
  207KB
- MD5
  
  900c456cbcd61ed2bf91378112e93eb0
- SHA1
  
  c227ca088a4f80729b83396cafa0152d9778254e
- SHA256
  
  fd945e2cc6d1b3a453135d5df04eeccbfd16f76e0744dd27b99e0eccaa9053bd
- SHA512
  
  e9e71efbe7e70ece0d5022c401d6cb8c808237946b6a30fcfe18d8d43ea93460c04977015daf05a7baa5a9f1467c5ffdcf499a52706c27a0055529a3f38f0ba7
Score

10^/10

ransomware hiddentear
- HiddenTear Ransomware
  Open-Source ransomware available on Github since 2015, with many versions in the wild.
  ransomware hiddentear
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ransomwarehiddentear

behavioral2

ransomwarehiddentear