aa438f22db488466ed39153b302b4f7557ca4bcc44ba35f83ad2dc8a04903398 | Triage

Submit
Reports

Overview

overview

9

Static

static

Privacy By...le.exe

windows7_x64

8

Privacy By...le.exe

windows10_x64

9

Sharing

General

Target

Privacy By Design - Training Module.exe
Size

724KB
Sample

210822-1e3vg4k6d2
MD5

82126e6a1d3b1bb5b1d1c3ddbb256b0e
SHA1

2259e9b89fcfd3e01d2e1554b32b478fc0f6396c
SHA256

aa438f22db488466ed39153b302b4f7557ca4bcc44ba35f83ad2dc8a04903398
SHA512

6795d4872554840c5a1bb4ed415c3d948c3384348ea8c18e30d74c8d800d554956003a048a4d7bceac9b670f7fd350c1a2aaa8d07725cce3138cf1fa036ac4f9

Score

9^/10

evasion ransomware spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

Privacy By Design - Training Module.exe

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Privacy By Design - Training Module.exe

Resource

win10v20210408

evasion ransomware spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Privacy By Design - Training Module.exe
- Size
  
  724KB
- MD5
  
  82126e6a1d3b1bb5b1d1c3ddbb256b0e
- SHA1
  
  2259e9b89fcfd3e01d2e1554b32b478fc0f6396c
- SHA256
  
  aa438f22db488466ed39153b302b4f7557ca4bcc44ba35f83ad2dc8a04903398
- SHA512
  
  6795d4872554840c5a1bb4ed415c3d948c3384348ea8c18e30d74c8d800d554956003a048a4d7bceac9b670f7fd350c1a2aaa8d07725cce3138cf1fa036ac4f9
Score

9^/10

evasion ransomware spyware stealer
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Modifies boot configuration data using bcdedit
  ransomware evasion
- Deletes backup catalog
  Uses wbadmin.exe to inhibit system recovery.
  ransomware
- Executes dropped EXE
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops desktop.ini file(s)
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

File Deletion

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Defacement

Tasks

static1

behavioral1

behavioral2

evasionransomwarespywarestealer

© 2018-2024

Terms | Privacy