f074bac428fe4d2ea36f7934f22007bac18077504acf19f29ae49797c2097c27 | Triage

Submit
Reports

Overview

overview

9

Static

static

8

zzgssg.exe

windows7_x64

9

zzgssg.exe

windows10_x64

9

Sharing

General

Target

zzgssg.exe
Size

915KB
Sample

210219-pt5cnej4y2
MD5

b7ed2cd216eaf988c160f4f9e66c05ab
SHA1

4e8f4780e002f791d7bcd33a45072746ed00efd6
SHA256

f074bac428fe4d2ea36f7934f22007bac18077504acf19f29ae49797c2097c27
SHA512

db2fc235af6a5bc751e599586ba216ae6f6d7f0f7f78ee9928a6e4637d2618e2be4e401c3478e3dfe41e079de6e0dbec9a208b46637a4ab9345783ce04d47b33

Score

9^/10

ransomware vmprotect

Static task

static1

Behavioral task

behavioral1

Sample

zzgssg.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

zzgssg.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  zzgssg.exe
- Size
  
  915KB
- MD5
  
  b7ed2cd216eaf988c160f4f9e66c05ab
- SHA1
  
  4e8f4780e002f791d7bcd33a45072746ed00efd6
- SHA256
  
  f074bac428fe4d2ea36f7934f22007bac18077504acf19f29ae49797c2097c27
- SHA512
  
  db2fc235af6a5bc751e599586ba216ae6f6d7f0f7f78ee9928a6e4637d2618e2be4e401c3478e3dfe41e079de6e0dbec9a208b46637a4ab9345783ce04d47b33
Score

9^/10

ransomware
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Defacement

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy