General

  • Target

    inn.bin.zip

  • Size

    71KB

  • Sample

    201031-gfwj9pf69j

  • MD5

    e4c873a35b1ad2db6ecb4734c20b1b8e

  • SHA1

    0cfd45a935c5e40271bd65b8937d05fae603ce20

  • SHA256

    57594f717e61f16279700e7f364b2856ac853b7d76f284621e3aa46d3f7faa3c

  • SHA512

    49e72176277b86e98920aa6db744b2dd2f700d857b6db06982cd6ba3df503a441ce6d612626ad70ad0254a0ace5bb836fb7cb17bc3069178faa6f8f8ffc36afc

Score
10/10

Malware Config

Extracted

Path

C:\Boot\bg-BG\read_me_lkd.txt

Ransom Note

Hello Technology and Strategy! All your fileservers, HyperV infrastructure and backups have been encrypted! Trying to decrypt or modify the files with programs other than our decryptor can lead to permanent loss of data! The only way to recover your files is by cooperating with us. To prove our seriousness, we can decrypt 1 non - critical file for free as proof. Contacts: TECHANDSTRATsupport@secmail.pro TECHANDSTRATsuport@protonmail.com

Emails

TECHANDSTRATsupport@secmail.pro

TECHANDSTRATsuport@protonmail.com

Targets

    • Target

      inn.bin

    • Size

      155KB

    • MD5

      af568e8a6060812f040f0cb0fd6f5a7b

    • SHA1

      e7f0c17b338d78c4f8b82b032af9f81828512b30

    • SHA256

      3ae7bedf236d4e53a33f3a3e1e80eae2d93e91b1988da2f7fcb8fde5dcc3a0e9

    • SHA512

      2c44272dcf130a95ea0e83fa02d2629edecf94b16452127f2e177f00f4bf48f2e306ec53b28d2005a27e8b683dc683fb54146a711233aa1e1c4256a9e4ac979b

    Score
    10/10
    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Modifies service

MITRE ATT&CK Matrix (ATT&CK v6)

Persistence

Modify Existing Service

1
T1031

Defense Evasion

Modify Registry

1
T1112

Tasks