captcha_visual_.bin

General

Target: captcha_visual_.bin
Size: 42KB
Sample: 201207-c121lcbfps
Score: 10/10
MD5: b2b278aed753209592b051998cc78d6e
SHA1: 187fade13fa2590af0a7168a5fa1bbdd38fb696f
SHA256: b575cbe291920b98cd523890c53902ccaad1c1f0357024c51e0ac5b1d0cd3786
SHA512: a21486edf9da1e1b99135ce61f120e00dee2915d99b345c0925cf4a8df308da3344e2dc932d6b2fea6e570ddef9ea49527b1981f1ef95896a56e731be4516164

Targets
Target: captcha_visual_.bin

Filesize: 42KB
Score: 9/10

Signatures

  • Deletes shadow copies

    Description: Ransomware often targets backup files to inhibit system recovery.

    TTPs: File Deletion, Inhibit System Recovery

  • Deletes backup catalog

    Description: Uses wbadmin.exe to inhibit system recovery.

    TTPs: Command-Line Interface, File Deletion, Inhibit System Recovery

Tasks

static1: 10/10
behavioral1: 9/10
behavioral2: 1/10