Overview

overview

9

Static

static

3

RRA.exe

windows11_x64

9

RRA.exe

windows10_x64

7

Resubmissions

14-08-2021 07:36

210814-38vq5bhjlx 9

14-08-2021 02:11

210814-endwdrh1fx 9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    RRA.exe

  • Size

    12.8MB

  • Sample

    210814-38vq5bhjlx

  • MD5

    8cfd8faa312373f96567891afd0344ef

  • SHA1

    3b232e440c87cbb6e1e8abe6d085954cd6e527fc

  • SHA256

    8a1a2c3f4e0f611c0066c53c9d2f65a8f453c911afab5421bcc9ff3b1a1958d9

  • SHA512

    9e58f9e2d4ce5e6076ff06c1179d613ddb75465ca5bfbeaaf9ff4c7f839675e3feaec85a59782fb71a560a33ec27db29ee1d153b16d0514803d15e218e334fee

Score
9/10
evasionpyinstallerransomware

Malware Config

Targets

    • Target

      RRA.exe

    • Size

      12.8MB

    • MD5

      8cfd8faa312373f96567891afd0344ef

    • SHA1

      3b232e440c87cbb6e1e8abe6d085954cd6e527fc

    • SHA256

      8a1a2c3f4e0f611c0066c53c9d2f65a8f453c911afab5421bcc9ff3b1a1958d9

    • SHA512

      9e58f9e2d4ce5e6076ff06c1179d613ddb75465ca5bfbeaaf9ff4c7f839675e3feaec85a59782fb71a560a33ec27db29ee1d153b16d0514803d15e218e334fee

    Score
    9/10
    evasionransomware

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Disables Task Manager via registry modification

      evasion

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks