Overview

overview

10

Static

static

10

0a8765300e...86.exe

windows7_x64

9

0a8765300e...86.exe

windows10-2004_x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0a8765300eb3e280696d7ad737d79e2da9ab99102c707366854128669e15a386

  • Size

    69KB

  • Sample

    220201-b1nq2aehaj

  • MD5

    3d6739af26024c834c7b643b2521acf6

  • SHA1

    c66095df6545de1625dc365dfd45c13ad04fabee

  • SHA256

    0a8765300eb3e280696d7ad737d79e2da9ab99102c707366854128669e15a386

  • SHA512

    97b333f293541d50b32dff7b5b50db24086964dd49be962896f6fe3bf58faafebde507ff4486381ace02cc32009650df81d75db8afb64ce40ad74d0c34b66b18

Score
10/10
netwalkerransomwarespywarestealer

Malware Config

Targets

    • Target

      0a8765300eb3e280696d7ad737d79e2da9ab99102c707366854128669e15a386

    • Size

      69KB

    • MD5

      3d6739af26024c834c7b643b2521acf6

    • SHA1

      c66095df6545de1625dc365dfd45c13ad04fabee

    • SHA256

      0a8765300eb3e280696d7ad737d79e2da9ab99102c707366854128669e15a386

    • SHA512

      97b333f293541d50b32dff7b5b50db24086964dd49be962896f6fe3bf58faafebde507ff4486381ace02cc32009650df81d75db8afb64ce40ad74d0c34b66b18

    Score
    9/10
    ransomwarespywarestealer

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

      ransomware

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks