e90cd8761306b7ee94fa9561e36a49323edb9a6e27213def9ecc93dbae3f2fb7 | Triage

Sharing

General

Target

22222.exe
Size

112KB
Sample

201127-rptenzpsjs
MD5

429a052071b8a18293ab4f849cb80b97
SHA1

c361bc4d23493335b4bd4d505b8e447a18b15b8d
SHA256

e90cd8761306b7ee94fa9561e36a49323edb9a6e27213def9ecc93dbae3f2fb7
SHA512

f90d6ada90505500b954a5ba348787bc5442842253b89b74bb0775281cfb0ba387d4d932a49c76c317f842f72e1003fd4e0dd1b4ada7e1dbc8457d445ba28e47

Score

8^/10

ransomware spyware

Malware Config

Targets

- Target
  
  22222.exe
- Size
  
  112KB
- MD5
  
  429a052071b8a18293ab4f849cb80b97
- SHA1
  
  c361bc4d23493335b4bd4d505b8e447a18b15b8d
- SHA256
  
  e90cd8761306b7ee94fa9561e36a49323edb9a6e27213def9ecc93dbae3f2fb7
- SHA512
  
  f90d6ada90505500b954a5ba348787bc5442842253b89b74bb0775281cfb0ba387d4d932a49c76c317f842f72e1003fd4e0dd1b4ada7e1dbc8457d445ba28e47
Score

8^/10

ransomware spyware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ransomwarespyware

behavioral2

ransomwarespyware