Overview

overview

8

Static

static

8

file.doc

windows7_x64

5

file.doc

windows10_x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file

  • Size

    99KB

  • Sample

    210122-xrbpfbf5sa

  • MD5

    8c2a0782dca1d1fab7b8ceecb7c0baea

  • SHA1

    263c2fbc950a12432dbd88d1d9238e25ad4a22e6

  • SHA256

    01de1796ba2e420b42eb9e213aaa519c479285c5fd4dc5dc86b091d38d0affe9

  • SHA512

    965acbf714d58ce10f48f0776eb6933c6eafc9d85bf5d74dd76ed385142b900d738f15436294b8ccb9a6b66b76de267158815f94ce2969757120254b698df657

Score
8/10
macroransomware

Malware Config

Targets

    • Target

      file

    • Size

      99KB

    • MD5

      8c2a0782dca1d1fab7b8ceecb7c0baea

    • SHA1

      263c2fbc950a12432dbd88d1d9238e25ad4a22e6

    • SHA256

      01de1796ba2e420b42eb9e213aaa519c479285c5fd4dc5dc86b091d38d0affe9

    • SHA512

      965acbf714d58ce10f48f0776eb6933c6eafc9d85bf5d74dd76ed385142b900d738f15436294b8ccb9a6b66b76de267158815f94ce2969757120254b698df657

    Score
    5/10
    ransomware

    • Enumerates physical storage devices

      Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

3
T1082

Query Registry

2
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks