4fb6e836e9ce7b0ef9a7b40cb50f82613450180e31c63e117589d3579f656244 | Triage

Submit
Reports

Overview

overview

Static

static

hjgkdf.exe

windows7_x64

hjgkdf.exe

windows10_x64

Sharing

General

Target

hjgkdf.exe
Size

24KB
Sample

210421-78cl1tdm82
MD5

dbe70b82bd05e88df18ff1685eaa9e99
SHA1

cd3e57c6d265882c07e9c7ab9b13f4dc50f46e2a
SHA256

4fb6e836e9ce7b0ef9a7b40cb50f82613450180e31c63e117589d3579f656244
SHA512

6197c0f25aa2c9fe22b2b9e2e31e1e164a72fbb34c69b7a6b115b77ec5e39e91d0d04921487c1261b0999090269e999b2d9e3fe80a25a0a60bd0fc99acefc09e

Score

10^/10

evasion persistence ransomware trojan

Static task

static1

Behavioral task

behavioral1

Sample

hjgkdf.exe

Resource

win7v20210408

evasion persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

hjgkdf.exe

Resource

win10v20210410

evasion persistence ransomware trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  hjgkdf.exe
- Size
  
  24KB
- MD5
  
  dbe70b82bd05e88df18ff1685eaa9e99
- SHA1
  
  cd3e57c6d265882c07e9c7ab9b13f4dc50f46e2a
- SHA256
  
  4fb6e836e9ce7b0ef9a7b40cb50f82613450180e31c63e117589d3579f656244
- SHA512
  
  6197c0f25aa2c9fe22b2b9e2e31e1e164a72fbb34c69b7a6b115b77ec5e39e91d0d04921487c1261b0999090269e999b2d9e3fe80a25a0a60bd0fc99acefc09e
Score

10^/10

evasion persistence trojan ransomware
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- UAC bypass
  evasion trojan
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Modify Registry

Disabling Security Tools

Bypass User Account Control

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistenceransomwaretrojan

© 2018-2024

Terms | Privacy