Overview

overview

10

Static

static

Priyte's A...++.exe

windows7_x64

10

Priyte's A...++.exe

windows10_x64

10

Resubmissions

12/11/2021, 06:19

211112-g3lmcahgfn 10

12/11/2021, 06:05

211112-gtfpqscgb4 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Priyte's Adventure C++.exe

  • Size

    304KB

  • Sample

    211112-gtfpqscgb4

  • MD5

    2a37da5634b1e4b188fc5ef86704e41b

  • SHA1

    540ef0e5a197322a29bbf91f41c6abecdd2a4e35

  • SHA256

    df9aff8d1a7003c662d20b7ec05d489b7dbd02ebc3034ac61081b5c819791d81

  • SHA512

    2fe2ca833e71e7b3ed6ad022d8945db72803483b0358c5f165c775bbe1a7896fe791f296b404b1482ad6bff888ab9ee230bb7c3ef45373687614703f496d2d14

Score
10/10
evasionpersistenceransomwaretrojan

Malware Config

Targets

    • Target

      Priyte's Adventure C++.exe

    • Size

      304KB

    • MD5

      2a37da5634b1e4b188fc5ef86704e41b

    • SHA1

      540ef0e5a197322a29bbf91f41c6abecdd2a4e35

    • SHA256

      df9aff8d1a7003c662d20b7ec05d489b7dbd02ebc3034ac61081b5c819791d81

    • SHA512

      2fe2ca833e71e7b3ed6ad022d8945db72803483b0358c5f165c775bbe1a7896fe791f296b404b1482ad6bff888ab9ee230bb7c3ef45373687614703f496d2d14

    Score
    10/10
    evasionpersistencetrojanransomware

    • UAC bypass

      evasiontrojan

    • Disables Task Manager via registry modification

      evasion

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

      ransomware

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks