Resubmissions

26-02-2021 11:37

210226-4cte82r1vs 8

26-02-2021 11:28

210226-p6webfglhn 8

General

  • Target

    SPREADTHECORRUPTION.exe

  • Size

    425KB

  • Sample

    210226-p6webfglhn

  • MD5

    241c8c8c809fe670f1f6ef0f7c935815

  • SHA1

    63928026939b367ea1677ba3ecc17acb8b1553ad

  • SHA256

    5e7f8b2a39176df856d2fe25a5bfcf0915cc72aa114efe92797b674434dc3d47

  • SHA512

    5c86649a3c085530ed0c455c06adeb16f9ad107d7a25f92009694202dee0fa1867fdd29b341d027e265aec815c925a5cb05a84781d63ee781e33ff69bbe4dbf8

Score
8/10

Targets

    Score
    8/10
    • Disables Task Manager via registry modification

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Drops desktop.ini file(s)

    • Sets desktop wallpaper using registry

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion

    Modify Registry (T1112): 1

  • Impact

    Defacement (T1491): 1
