thanos | eb2ed1680e9b2350d78f431849a9e8c5c1d91d97ae72767d228b2208e6f72f46 | Triage

Submit
Reports

Overview

overview

Static

static

steriok.exe

windows7_x64

8

steriok.exe

windows10_x64

8

Resubmissions

29-10-2021 09:03

211029-kz7xysdac7 10

28-10-2021 13:28

211028-qq5dcsgdeq 10

23-10-2021 01:52

211023-cagepshab4 8

Sharing

General

Target

steriok.exe
Size

94KB
Sample

211028-qq5dcsgdeq
MD5

b0c615c0a4f485b2030d6e1ab98375f0
SHA1

de11e9d61e0a31dc19e8c5dd8fe06facf0ead052
SHA256

eb2ed1680e9b2350d78f431849a9e8c5c1d91d97ae72767d228b2208e6f72f46
SHA512

82342be7d388244b5b008134d6d351f669995caff94a9a532ce056130f1af54a20ec6f2b9a3ca78102200c53a73659d1043e5b213ce84642d225690a3a848024

Score

10^/10

thanos ransomware

Static task

static1

ransomware thanos

Behavioral task

behavioral1

Sample

steriok.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

steriok.exe

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  steriok.exe
- Size
  
  94KB
- MD5
  
  b0c615c0a4f485b2030d6e1ab98375f0
- SHA1
  
  de11e9d61e0a31dc19e8c5dd8fe06facf0ead052
- SHA256
  
  eb2ed1680e9b2350d78f431849a9e8c5c1d91d97ae72767d228b2208e6f72f46
- SHA512
  
  82342be7d388244b5b008134d6d351f669995caff94a9a532ce056130f1af54a20ec6f2b9a3ca78102200c53a73659d1043e5b213ce84642d225690a3a848024
Score

8^/10

ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Deletes itself
- Drops startup file
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ransomwarethanos

behavioral1

behavioral2

© 2018-2024

Terms | Privacy