4f8a51b563e832c4660a2e674580d91dc46294447f6971b9916285dab28bd4b2 | Triage

Submit
Reports

Overview

overview

9

Static

static

4f8a51b563...b2.exe

windows7_x64

9

4f8a51b563...b2.exe

windows10-2004_x64

3

Sharing

General

Target

4f8a51b563e832c4660a2e674580d91dc46294447f6971b9916285dab28bd4b2
Size

554KB
Sample

220520-2an7zsabaj
MD5

599b93918efa98ba6cea5e14cc47fa80
SHA1

94c7c7c89be2e3c866b81fb352586a70f91414c3
SHA256

4f8a51b563e832c4660a2e674580d91dc46294447f6971b9916285dab28bd4b2
SHA512

d98fbee1d19c46aa8297065b2f7b4690033534d07deb156962f0d42b9d7ad20aca44a1fca1666fd624c2e5f3320e4ab891c519a6d1e057c89b4cd5afecd5279c

Score

9^/10

evasion persistence ransomware trojan

Static task

static1

Behavioral task

behavioral1

Sample

4f8a51b563e832c4660a2e674580d91dc46294447f6971b9916285dab28bd4b2.exe

Resource

win7-20220414-en

evasion persistence ransomware trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

4f8a51b563e832c4660a2e674580d91dc46294447f6971b9916285dab28bd4b2.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  4f8a51b563e832c4660a2e674580d91dc46294447f6971b9916285dab28bd4b2
- Size
  
  554KB
- MD5
  
  599b93918efa98ba6cea5e14cc47fa80
- SHA1
  
  94c7c7c89be2e3c866b81fb352586a70f91414c3
- SHA256
  
  4f8a51b563e832c4660a2e674580d91dc46294447f6971b9916285dab28bd4b2
- SHA512
  
  d98fbee1d19c46aa8297065b2f7b4690033534d07deb156962f0d42b9d7ad20aca44a1fca1666fd624c2e5f3320e4ab891c519a6d1e057c89b4cd5afecd5279c
Score

9^/10

evasion persistence ransomware trojan
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

File Deletion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionpersistenceransomwaretrojan

behavioral2

© 2018-2024

Terms | Privacy