General

  • Target

    1c.jpg

  • Size

    1004KB

  • Sample

    220421-3qj4mshaa4

  • MD5

    592b12b5a4d9beec0c8914fcb36a8f30

  • SHA1

    ae094c72b8c774cd9e573e12500c0869ece074aa

  • SHA256

    f02008f3656a77dcb5e4ca16153acfb649cf2717b1d60e58fe17073b452c6403

  • SHA512

    54c1c96c03f114976b5ccd56382bb1edb315bf21feb40a887e046dff9f5e33cfa29238c6a35218a85ab757a24b51343dfc451d2114fd89f9cc1e8630f5fb5c5b

Malware Config

Targets

    • Target

      1c.jpg

    • Size

      1004KB

    • MD5

      592b12b5a4d9beec0c8914fcb36a8f30

    • SHA1

      ae094c72b8c774cd9e573e12500c0869ece074aa

    • SHA256

      f02008f3656a77dcb5e4ca16153acfb649cf2717b1d60e58fe17073b452c6403

    • SHA512

      54c1c96c03f114976b5ccd56382bb1edb315bf21feb40a887e046dff9f5e33cfa29238c6a35218a85ab757a24b51343dfc451d2114fd89f9cc1e8630f5fb5c5b

    • Troldesh, Shade, Encoder.858

      Troldesh is a ransomware spread by malspam.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks