b9a33e0225555e2d41582f81a7fa73fe431817f6e169d55540b250907dec7aaf | Triage

Submit
Reports

Overview

overview

9

Static

static

8

b9a33e0225...af.exe

windows7_x64

7

b9a33e0225...af.exe

windows10_x64

9

Sharing

General

Target

b9a33e0225555e2d41582f81a7fa73fe431817f6e169d55540b250907dec7aaf
Size

846KB
Sample

210409-m9xc9xq1lx
MD5

d63de35d8cf9b12c28d3d5509dd16aae
SHA1

d33baa05a06e364d1dd31a611b97f5d935d11e6b
SHA256

b9a33e0225555e2d41582f81a7fa73fe431817f6e169d55540b250907dec7aaf
SHA512

aa5a41b7026a354880a914938ca84cfb489ba01689b4954e0e501f480e7bbf18ae951ca33d05ab51ad662d23a80b70ab00187f5127867a89b15627e0f21a6d50

Score

9^/10

discovery ransomware spyware stealer upx

Static task

static1

Behavioral task

behavioral1

Sample

b9a33e0225555e2d41582f81a7fa73fe431817f6e169d55540b250907dec7aaf.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

b9a33e0225555e2d41582f81a7fa73fe431817f6e169d55540b250907dec7aaf.exe

Resource

win10v20201028

discovery ransomware spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  b9a33e0225555e2d41582f81a7fa73fe431817f6e169d55540b250907dec7aaf
- Size
  
  846KB
- MD5
  
  d63de35d8cf9b12c28d3d5509dd16aae
- SHA1
  
  d33baa05a06e364d1dd31a611b97f5d935d11e6b
- SHA256
  
  b9a33e0225555e2d41582f81a7fa73fe431817f6e169d55540b250907dec7aaf
- SHA512
  
  aa5a41b7026a354880a914938ca84cfb489ba01689b4954e0e501f480e7bbf18ae951ca33d05ab51ad662d23a80b70ab00187f5127867a89b15627e0f21a6d50
Score

9^/10

discovery ransomware spyware stealer
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Modifies file permissions
  discovery
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

File Permissions Modification

Credential Access

Credentials in Files

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

behavioral2

discoveryransomwarespywarestealer

© 2018-2024

Terms | Privacy