3b60577fe6abb4637b2d1bee5b3d47f70f7230ace340d712a9c7fb1a642688b4 | Triage

Submit
Reports

Overview

overview

9

Static

static

Encode.bin.exe

windows7_x64

9

Encode.bin.exe

windows10_x64

9

Sharing

General

Target

Encode.bin.zip
Size

100KB
Sample

210621-m3a7szly5j
MD5

7d2c63d540eb5916022ed778090e8d8b
SHA1

3eb93653e21a38ce4d9af0e676210952e0fb1e31
SHA256

3b60577fe6abb4637b2d1bee5b3d47f70f7230ace340d712a9c7fb1a642688b4
SHA512

6adc159fde8a1bdb88a63ff6c8470255a96b9eb69bb537a1d2e4d878867b75de67b496aee4392aa075fc7f03300675387e4cd24f67366c2f8f2bf90ac00ad17c

Score

9^/10

persistence ransomware

Static task

static1

Behavioral task

behavioral1

Sample

Encode.bin.exe

Resource

win7v20210410

persistence ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Encode.bin.exe

Resource

win10v20210408

persistence ransomware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Encode.bin
- Size
  
  153KB
- MD5
  
  5163f03f6789656605108bec4650b66f
- SHA1
  
  c32e012da9257780d2031f683457da1840615c9c
- SHA256
  
  fb3b67d7f94630f41e722de49c211d8f5c69cdec8fc9ba25996717a77f67b89b
- SHA512
  
  13f0a1223330676bf5b81ee6fe64c963bcbeedb5589c96759573919a3e47aaf2e3b387edf2aa99cbded1f086df320cf0e03c06ba1f88f0a06a67014e3552cece
Score

9^/10

persistence ransomware
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

File Deletion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

persistenceransomware

behavioral2

persistenceransomware

© 2018-2025

Terms | Privacy