Overview

overview

9

Static

static

0c920c6592...23.exe

windows7_x64

9

0c920c6592...23.exe

windows10_x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0c920c6592e00f5768964b1e86d21c0248368b04642c1dec8ed287ccd81bd123

  • Size

    1.9MB

  • Sample

    210409-9j49v2sb2j

  • MD5

    55403c970e7165f37e69b89b41c081fd

  • SHA1

    a5685f7321a949209b0bcbb1404f20e313917fd3

  • SHA256

    0c920c6592e00f5768964b1e86d21c0248368b04642c1dec8ed287ccd81bd123

  • SHA512

    a583ceb32071040b1dd7abafd68ea76827168e7993444c31bc659ec2ee14f9c7944c340be08eecfd84fbe44695917d98f52440e363579c7d9c501d7ae992fb87

Score
9/10
ransomware

Malware Config

Targets

    • Target

      0c920c6592e00f5768964b1e86d21c0248368b04642c1dec8ed287ccd81bd123

    • Size

      1.9MB

    • MD5

      55403c970e7165f37e69b89b41c081fd

    • SHA1

      a5685f7321a949209b0bcbb1404f20e313917fd3

    • SHA256

      0c920c6592e00f5768964b1e86d21c0248368b04642c1dec8ed287ccd81bd123

    • SHA512

      a583ceb32071040b1dd7abafd68ea76827168e7993444c31bc659ec2ee14f9c7944c340be08eecfd84fbe44695917d98f52440e363579c7d9c501d7ae992fb87

    Score
    9/10
    ransomware

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

2
T1107

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

2
T1490

Tasks