69223352d033163529a18d256ccc5a4e2ac70bb4111c28dff35fcc70a413ad48

Resubmissions

02/07/2021, 00:58

210702-mms73ncjwn 10

21/06/2021, 17:05

210621-et1vzla7t2 10

Sharing

Copy URL

Twitter E-mail

General

Target

d56cfe09f291b11e27b84ede219459ede65652a19596a0b33f8a3ef871236cf5.bin.sample.gz
Size

81KB
Sample

210702-mms73ncjwn
MD5

b5716bc979dc915412bfee36212caa79
SHA1

47901c667f7cca4f8e77a86290cdafea5cedf55c
SHA256

69223352d033163529a18d256ccc5a4e2ac70bb4111c28dff35fcc70a413ad48
SHA512

2e6801166eb220578fc25dd7f0dca8db2e38ac9edd7dbea941b61366cb0c986e1b8d990d936aacd3744f0710e60b62939bb35f7369a241228ea5fde1ef4efcf2

Score

10^/10

Malware Config

Targets

- Target
  
  sample
- Size
  
  81KB
- MD5
  
  9c543a3b162b8e9317c717892ba47691
- SHA1
  
  52980b81ca21b6c02793272dea788f18c03c66bf
- SHA256
  
  d56cfe09f291b11e27b84ede219459ede65652a19596a0b33f8a3ef871236cf5
- SHA512
  
  502a5390c777c4c8f3848c66b7accc670b0ebbc7947253d8bb2c73e3b55097870f97142088d337c125d0e545a96ac3e06688c81a0f4935541439a7d58d918c04
Score

10^/10

evasion persistence ransomware trojan
- Modifies WinLogon for persistence
  persistence
- UAC bypass
  evasion trojan
- Disables Task Manager via registry modification
  evasion
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Checks whether UAC is enabled
  evasion trojan
- Drops desktop.ini file(s)
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

T1004

Privilege Escalation

Bypass User Account Control

T1088

Defense Evasion

Bypass User Account Control

T1088

Disabling Security Tools

T1089

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

T1491

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Modifies WinLogon for persistence

UAC bypass

Disables Task Manager via registry modification

Modifies extensions of user files

Checks whether UAC is enabled

Drops desktop.ini file(s)

Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2