117b0078905f0929a5da0b24e20c76bbaa99151f56789c63b4498143c2261926 | Triage

Submit
Reports

Overview

overview

Static

static

FishLocker.exe

windows7_x64

FishLocker.exe

windows10_x64

Sharing

General

Target

FishLocker.exe
Size

218KB
Sample

210620-vzyc4qsqzs
MD5

85d90010fed526eef947c440629b82dd
SHA1

1df270d02c9ea53f180130e7a219b40146cfca10
SHA256

117b0078905f0929a5da0b24e20c76bbaa99151f56789c63b4498143c2261926
SHA512

1455958c884f15e03531b1e836269fc6b2bab60e1a4b360e1206568ca7aabee0f55599eab4d11889359818c859d8d37d725bd90109165ca7626d045a81e75be7

Score

10^/10

discovery evasion exploit persistence

Static task

static1

Behavioral task

behavioral1

Sample

FishLocker.exe

Resource

win7v20210410

discovery evasion exploit persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

FishLocker.exe

Resource

win10v20210408

discovery evasion exploit persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  FishLocker.exe
- Size
  
  218KB
- MD5
  
  85d90010fed526eef947c440629b82dd
- SHA1
  
  1df270d02c9ea53f180130e7a219b40146cfca10
- SHA256
  
  117b0078905f0929a5da0b24e20c76bbaa99151f56789c63b4498143c2261926
- SHA512
  
  1455958c884f15e03531b1e836269fc6b2bab60e1a4b360e1206568ca7aabee0f55599eab4d11889359818c859d8d37d725bd90109165ca7626d045a81e75be7
Score

10^/10

discovery evasion exploit persistence
- Modifies WinLogon for persistence
  persistence
- Disables Task Manager via registry modification
  evasion
- Possible privilege escalation attempt
  exploit
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

File Permissions Modification

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionexploitpersistence

behavioral2

discoveryevasionexploitpersistence

© 2018-2024

Terms | Privacy