a898a3c616fab1e3c8f05eacf9ba459af21aefb63937cfc10778e77aaa375b3a | Triage

Submit
Reports

Overview

overview

9

Static

static

a898a3c616...3a.exe

windows7_x64

9

a898a3c616...3a.exe

windows10-2004_x64

3

Sharing

General

Target

a898a3c616fab1e3c8f05eacf9ba459af21aefb63937cfc10778e77aaa375b3a
Size

554KB
Sample

220520-3w8zyshfe2
MD5

b2deb3fa1acb774a1e5b17013d474d71
SHA1

e32774f940c4e8bdb19e0d33689bf4f56ab90895
SHA256

a898a3c616fab1e3c8f05eacf9ba459af21aefb63937cfc10778e77aaa375b3a
SHA512

913fc4b339ac0af4c89c3ad2b0af2ef29f245e91befff960bd3b78da9071c8c8457ef1ace01d91e0c2f58bacbd87b7b2f0734c86cd27156ecd837bce035aec8b

Score

9^/10

evasion persistence ransomware trojan

Static task

static1

Behavioral task

behavioral1

Sample

a898a3c616fab1e3c8f05eacf9ba459af21aefb63937cfc10778e77aaa375b3a.exe

Resource

win7-20220414-en

evasion persistence ransomware trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

a898a3c616fab1e3c8f05eacf9ba459af21aefb63937cfc10778e77aaa375b3a.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  a898a3c616fab1e3c8f05eacf9ba459af21aefb63937cfc10778e77aaa375b3a
- Size
  
  554KB
- MD5
  
  b2deb3fa1acb774a1e5b17013d474d71
- SHA1
  
  e32774f940c4e8bdb19e0d33689bf4f56ab90895
- SHA256
  
  a898a3c616fab1e3c8f05eacf9ba459af21aefb63937cfc10778e77aaa375b3a
- SHA512
  
  913fc4b339ac0af4c89c3ad2b0af2ef29f245e91befff960bd3b78da9071c8c8457ef1ace01d91e0c2f58bacbd87b7b2f0734c86cd27156ecd837bce035aec8b
Score

9^/10

evasion persistence ransomware trojan
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

File Deletion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionpersistenceransomwaretrojan

behavioral2

© 2018-2024

Terms | Privacy