Overview

overview

8

Static

static

04f76d44db...c5.exe

windows7_x64

8

04f76d44db...c5.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    04f76d44db4c3a8d810348f65e539f8d65af3ee764c058290033da8f5c508fc5.exe

  • Size

    127KB

  • Sample

    210929-yrq65afghp

  • MD5

    d449503da4a13fd6e8c8f15dde16949b

  • SHA1

    d9ede4f71e26f4ccd1cb96ae9e7a4f625f8b97c9

  • SHA256

    04f76d44db4c3a8d810348f65e539f8d65af3ee764c058290033da8f5c508fc5

  • SHA512

    71b602332851adb5549a8e780d351fd694691eb1c2dc286a7834d2d50a239a05aed8742e0e3b05fabfd8e272cd2fc68d3b6489d69ec3494c88f867f6e3eb8a6c

Score
8/10
ransomware

Malware Config

Targets

    • Target

      04f76d44db4c3a8d810348f65e539f8d65af3ee764c058290033da8f5c508fc5.exe

    • Size

      127KB

    • MD5

      d449503da4a13fd6e8c8f15dde16949b

    • SHA1

      d9ede4f71e26f4ccd1cb96ae9e7a4f625f8b97c9

    • SHA256

      04f76d44db4c3a8d810348f65e539f8d65af3ee764c058290033da8f5c508fc5

    • SHA512

      71b602332851adb5549a8e780d351fd694691eb1c2dc286a7834d2d50a239a05aed8742e0e3b05fabfd8e272cd2fc68d3b6489d69ec3494c88f867f6e3eb8a6c

    Score
    8/10
    ransomware

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

      ransomware

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks