4b78968928cfa5437ffdd56a39a5ea8c10a7b6dc5d3f342d003260088876b3cf | Triage

Submit
Reports

Overview

overview

8

Static

static

Taleb.Ransom.exe

windows10-2004_x64

8

Resubmissions

25-03-2022 06:59

220325-hsddnafgel 10

08-03-2022 23:12

220308-263p9abfb4 8

Sharing

General

Target

Taleb.Ransom.exe
Size

10.8MB
Sample

220308-263p9abfb4
MD5

ac09b7550eda13e03a55448fd8367e2d
SHA1

8266a12669a4a3952cb9af86e75ed74c27c71013
SHA256

4b78968928cfa5437ffdd56a39a5ea8c10a7b6dc5d3f342d003260088876b3cf
SHA512

44cace3038bd96fa36a9d3b16251573f625f5e7cb53f0233d87f6e8ab564e731bd8719088feec44f47a460c0a096b964c2c0e77f3f1c371b773e66407aef5d29

Score

8^/10

evasion ransomware spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

Taleb.Ransom.exe

Resource

win10v2004-en-20220113

evasion ransomware spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Taleb.Ransom.exe
- Size
  
  10.8MB
- MD5
  
  ac09b7550eda13e03a55448fd8367e2d
- SHA1
  
  8266a12669a4a3952cb9af86e75ed74c27c71013
- SHA256
  
  4b78968928cfa5437ffdd56a39a5ea8c10a7b6dc5d3f342d003260088876b3cf
- SHA512
  
  44cace3038bd96fa36a9d3b16251573f625f5e7cb53f0233d87f6e8ab564e731bd8719088feec44f47a460c0a096b964c2c0e77f3f1c371b773e66407aef5d29
Score

8^/10

evasion ransomware spyware stealer
- Modifies Windows Firewall
  evasion
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops desktop.ini file(s)
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionransomwarespywarestealer

© 2018-2024

Terms | Privacy