15870ef831ecc0908e86ca4ff0987ff42049bbaf96ee96db2761018854b7647f | Triage

Resubmissions

22-01-2021 08:00

210122-gm8njs1zdn 5

03-12-2020 11:22

201203-8vnj2wyrex 10

Sharing

General

Target

15870ef831ecc0908e86ca4ff0987ff42049bbaf96ee96db2761018854b7647f
Size

507KB
Sample

210122-gm8njs1zdn
MD5

b916ccb2a2bf0381133e5b8ef9782e1f
SHA1

4a740790a645000119070122c710e1bac020bd25
SHA256

15870ef831ecc0908e86ca4ff0987ff42049bbaf96ee96db2761018854b7647f
SHA512

04f973bf5606bc585e9eacd2937503047b27530dfdf9a5b830fa2deb679fbbf84a9494504de6c37a8b48785dc7ccc74a1ab50b34a860729f66cdeb3bcfd2bcc8

Score

5^/10

ransomware

Malware Config

Targets

- Target
  
  15870ef831ecc0908e86ca4ff0987ff42049bbaf96ee96db2761018854b7647f
- Size
  
  507KB
- MD5
  
  b916ccb2a2bf0381133e5b8ef9782e1f
- SHA1
  
  4a740790a645000119070122c710e1bac020bd25
- SHA256
  
  15870ef831ecc0908e86ca4ff0987ff42049bbaf96ee96db2761018854b7647f
- SHA512
  
  04f973bf5606bc585e9eacd2937503047b27530dfdf9a5b830fa2deb679fbbf84a9494504de6c37a8b48785dc7ccc74a1ab50b34a860729f66cdeb3bcfd2bcc8
Score

5^/10

ransomware
- Enumerates physical storage devices
  Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
  ransomware
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1