ef4b415bb072513156c8c532227da239c43ac4e4076725e4f33303d74ddcf2b9 | Triage

Sharing

General

Target

ef4b415bb072513156c8c532227da239c43ac4e4076725e4f33303d74ddcf2b9.sample
Size

111KB
Sample

210726-xqs9majbgj
MD5

53c9609bc674d1ebc4de2d8954691a95
SHA1

44304bd96f6e5acf620429430b124e63cdd05faa
SHA256

ef4b415bb072513156c8c532227da239c43ac4e4076725e4f33303d74ddcf2b9
SHA512

390f0afabdeb486098adae9a04bf35e644ce32f62036ef80521f387c9d413c99a9a0876b68f5aae5737cdb478fc01e8c650da43efecc67f776aec14ad1f6cae3

Score

9^/10

persistence ransomware spyware stealer

Malware Config

Targets

- Target
  
  ef4b415bb072513156c8c532227da239c43ac4e4076725e4f33303d74ddcf2b9.sample
- Size
  
  111KB
- MD5
  
  53c9609bc674d1ebc4de2d8954691a95
- SHA1
  
  44304bd96f6e5acf620429430b124e63cdd05faa
- SHA256
  
  ef4b415bb072513156c8c532227da239c43ac4e4076725e4f33303d74ddcf2b9
- SHA512
  
  390f0afabdeb486098adae9a04bf35e644ce32f62036ef80521f387c9d413c99a9a0876b68f5aae5737cdb478fc01e8c650da43efecc67f776aec14ad1f6cae3
Score

9^/10

persistence ransomware spyware stealer
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Hidden Files and Directories

Privilege Escalation

Defense Evasion

File Deletion

Modify Registry

Hidden Files and Directories

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

persistenceransomwarespywarestealer

behavioral2

ransomwarespywarestealer