c64bf1a1e4d47232d1966ec0515f7d80503a001f42b8dd3c99459f94dc0b3132 | Triage

Submit
Reports

Overview

overview

9

Static

static

8

c64bf1a1e4...32.exe

windows7_x64

9

c64bf1a1e4...32.exe

windows10_x64

9

Sharing

General

Target

c64bf1a1e4d47232d1966ec0515f7d80503a001f42b8dd3c99459f94dc0b3132
Size

840KB
Sample

210409-xskmlwwxb6
MD5

6490aefbaf3e6a708269d771d8fd4136
SHA1

2ae6c5f0ec0faca746bf6ba3f5c7682a454de78c
SHA256

c64bf1a1e4d47232d1966ec0515f7d80503a001f42b8dd3c99459f94dc0b3132
SHA512

6ef2fdfaae7db2dfc82c1600de2818c86b1be42bab42682aa27c37fd853a97e3316ac71081075994b3fa29a52c6f94cc29445dc2e5248d3e37ae31275f1e16f6

Score

9^/10

discovery ransomware upx

Static task

static1

Behavioral task

behavioral1

Sample

c64bf1a1e4d47232d1966ec0515f7d80503a001f42b8dd3c99459f94dc0b3132.exe

Resource

win7v20201028

discovery ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c64bf1a1e4d47232d1966ec0515f7d80503a001f42b8dd3c99459f94dc0b3132.exe

Resource

win10v20201028

discovery ransomware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  c64bf1a1e4d47232d1966ec0515f7d80503a001f42b8dd3c99459f94dc0b3132
- Size
  
  840KB
- MD5
  
  6490aefbaf3e6a708269d771d8fd4136
- SHA1
  
  2ae6c5f0ec0faca746bf6ba3f5c7682a454de78c
- SHA256
  
  c64bf1a1e4d47232d1966ec0515f7d80503a001f42b8dd3c99459f94dc0b3132
- SHA512
  
  6ef2fdfaae7db2dfc82c1600de2818c86b1be42bab42682aa27c37fd853a97e3316ac71081075994b3fa29a52c6f94cc29445dc2e5248d3e37ae31275f1e16f6
Score

9^/10

discovery ransomware
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Modifies file permissions
  discovery
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

File Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware

© 2018-2024

Terms | Privacy