78b55ce394011b701be630417507f517df542361758ca2ab4c135023e2566c51 | Triage

Submit
Reports

Overview

overview

9

Static

static

78b55ce394...51.exe

windows7_x64

9

78b55ce394...51.exe

windows10-2004_x64

3

Sharing

General

Target

78b55ce394011b701be630417507f517df542361758ca2ab4c135023e2566c51
Size

554KB
Sample

220520-175essegh5
MD5

9038c0bfcb41767a7b8d1a46652d53e2
SHA1

372dea083bcbbe7f494992f92b5559cf2dab11c7
SHA256

78b55ce394011b701be630417507f517df542361758ca2ab4c135023e2566c51
SHA512

66c153d4e7de01de62775eb57f839f72bb185cb76e82cc12ff875287232fb8d9798bef909d94f10e43f766c0317988a98aa03ff7444b1ba97a5aeebe0858aa3d

Score

9^/10

evasion persistence ransomware trojan

Static task

static1

Behavioral task

behavioral1

Sample

78b55ce394011b701be630417507f517df542361758ca2ab4c135023e2566c51.exe

Resource

win7-20220414-en

evasion persistence ransomware trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

78b55ce394011b701be630417507f517df542361758ca2ab4c135023e2566c51.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  78b55ce394011b701be630417507f517df542361758ca2ab4c135023e2566c51
- Size
  
  554KB
- MD5
  
  9038c0bfcb41767a7b8d1a46652d53e2
- SHA1
  
  372dea083bcbbe7f494992f92b5559cf2dab11c7
- SHA256
  
  78b55ce394011b701be630417507f517df542361758ca2ab4c135023e2566c51
- SHA512
  
  66c153d4e7de01de62775eb57f839f72bb185cb76e82cc12ff875287232fb8d9798bef909d94f10e43f766c0317988a98aa03ff7444b1ba97a5aeebe0858aa3d
Score

9^/10

evasion persistence ransomware trojan
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

File Deletion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionpersistenceransomwaretrojan

behavioral2

© 2018-2024

Terms | Privacy