f21cda69b887bd2c296a48614c12b32c251a2822be81bcb0dabbc4439b04f201 | Triage

Submit
Reports

Overview

overview

8

Static

static

f21cda69b8...in.exe

windows7_x64

8

f21cda69b8...in.exe

windows10-2004_x64

8

Sharing

General

Target

f21cda69b887bd2c296a48614c12b32c251a2822be81bcb0dabbc4439b04f201.bin.sample
Size

9KB
Sample

220512-kpb3jabfe5
MD5

04da21c104ea3e996c4fbdc496475743
SHA1

0231ea30add2fa0c06167c8929f8b523ef4d1356
SHA256

f21cda69b887bd2c296a48614c12b32c251a2822be81bcb0dabbc4439b04f201
SHA512

918d4459e5e3741ac0eee222bf9e5e81365e7fd5a2a046f3e7e21ceb7788dd1c735ca895048ef04e8e1af49b6dc45cd1bb60b8bcb5caa49b51a148329899a73a

Score

8^/10

ransomware spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

f21cda69b887bd2c296a48614c12b32c251a2822be81bcb0dabbc4439b04f201.bin.exe

Resource

win7-20220414-en

ransomware spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

f21cda69b887bd2c296a48614c12b32c251a2822be81bcb0dabbc4439b04f201.bin.exe

Resource

win10v2004-20220414-en

ransomware spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  f21cda69b887bd2c296a48614c12b32c251a2822be81bcb0dabbc4439b04f201.bin.sample
- Size
  
  9KB
- MD5
  
  04da21c104ea3e996c4fbdc496475743
- SHA1
  
  0231ea30add2fa0c06167c8929f8b523ef4d1356
- SHA256
  
  f21cda69b887bd2c296a48614c12b32c251a2822be81bcb0dabbc4439b04f201
- SHA512
  
  918d4459e5e3741ac0eee222bf9e5e81365e7fd5a2a046f3e7e21ceb7788dd1c735ca895048ef04e8e1af49b6dc45cd1bb60b8bcb5caa49b51a148329899a73a
Score

8^/10

ransomware spyware stealer
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ransomwarespywarestealer

behavioral2

ransomwarespywarestealer

© 2018-2024

Terms | Privacy