7b85a3f5315470c36ba4047a6c849284ff5d738796fcc9d61b8713f8955fa018 | Triage

Submit
Reports

Overview

overview

9

Static

static

8

sisi.exe

windows7_x64

9

sisi.exe

windows10_x64

9

Sharing

General

Target

sisi.exe
Size

846KB
Sample

210409-hdh1spyvpj
MD5

610729898144b1186e81e057b3abbf88
SHA1

5bcb60a576b69259f75c2d43ea58493f651550c1
SHA256

7b85a3f5315470c36ba4047a6c849284ff5d738796fcc9d61b8713f8955fa018
SHA512

fe5ac0b1684d55c5f9bb820ba02ff2e015c66cb3e8c08316ad2a03be95aa1c665d8c8f6e5effefc2362f015029fe41e0024344730fbd0e0c022d75b82b3c3691

Score

9^/10

discovery ransomware spyware stealer upx

Static task

static1

Behavioral task

behavioral1

Sample

sisi.exe

Resource

win7v20201028

discovery ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

sisi.exe

Resource

win10v20201028

discovery ransomware spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  sisi.exe
- Size
  
  846KB
- MD5
  
  610729898144b1186e81e057b3abbf88
- SHA1
  
  5bcb60a576b69259f75c2d43ea58493f651550c1
- SHA256
  
  7b85a3f5315470c36ba4047a6c849284ff5d738796fcc9d61b8713f8955fa018
- SHA512
  
  fe5ac0b1684d55c5f9bb820ba02ff2e015c66cb3e8c08316ad2a03be95aa1c665d8c8f6e5effefc2362f015029fe41e0024344730fbd0e0c022d75b82b3c3691
Score

9^/10

discovery ransomware spyware stealer
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Modifies file permissions
  discovery
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

File Permissions Modification

Credential Access

Credentials in Files

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomwarespywarestealer

© 2018-2024

Terms | Privacy