nefilim | fcc2921020690a58c60eba35df885e575669e9803212f7791d7e1956f9bf8020 | Triage

Resubmissions

23-09-2021 15:15

210923-sm8bysege5 10

26-07-2021 12:41

210726-mpfkjgshnx 10

Sharing

General

Target

fcc2921020690a58c60eba35df885e575669e9803212f7791d7e1956f9bf8020.sample
Size

21KB
Sample

210726-mpfkjgshnx
MD5

ce3cd1dab67814f5f153bccdaf502f4c
SHA1

f246984193c927414e543d936d1fb643a2dff77b
SHA256

fcc2921020690a58c60eba35df885e575669e9803212f7791d7e1956f9bf8020
SHA512

015a9c54e65888cd0bf6e74ec26ddf42ba860b48ca56024a8f822be0cd56ed04fb80891ef21857f5ac65c97f6ecb050a1f1c33d1c5e9afddfcab0c59517a95e4

Score

10^/10

nefilim ransomware

Malware Config

Targets

- Target
  
  fcc2921020690a58c60eba35df885e575669e9803212f7791d7e1956f9bf8020.sample
- Size
  
  21KB
- MD5
  
  ce3cd1dab67814f5f153bccdaf502f4c
- SHA1
  
  f246984193c927414e543d936d1fb643a2dff77b
- SHA256
  
  fcc2921020690a58c60eba35df885e575669e9803212f7791d7e1956f9bf8020
- SHA512
  
  015a9c54e65888cd0bf6e74ec26ddf42ba860b48ca56024a8f822be0cd56ed04fb80891ef21857f5ac65c97f6ecb050a1f1c33d1c5e9afddfcab0c59517a95e4
Score

9^/10

ransomware
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Defacement

Tasks

static1

behavioral1

behavioral2