b73ad1034f549ee2133928c81ad1960e3378e21a6ab0c71fbc08ebb21c6681bb | Triage

Submit
Reports

Overview

overview

9

Static

static

b73ad1034f...bb.exe

windows7_x64

9

b73ad1034f...bb.exe

windows10-2004_x64

3

Sharing

General

Target

b73ad1034f549ee2133928c81ad1960e3378e21a6ab0c71fbc08ebb21c6681bb
Size

554KB
Sample

220521-m1q2yacgh6
MD5

35ef3d04fc9440361c1d7c075c9aa3f8
SHA1

f4110a2517c36f4af887f4b852d93e755bc18e33
SHA256

b73ad1034f549ee2133928c81ad1960e3378e21a6ab0c71fbc08ebb21c6681bb
SHA512

662cdaa3c9a26e4c020b6a25f7a5664c51c7e72a91ab8d4ffaa6890efeaba1930318646007e96f818e1323c13dfd66849c07c95cb4cbe3fd4133ad9fbc65572d

Score

9^/10

evasion persistence ransomware trojan

Static task

static1

Behavioral task

behavioral1

Sample

b73ad1034f549ee2133928c81ad1960e3378e21a6ab0c71fbc08ebb21c6681bb.exe

Resource

win7-20220414-en

evasion persistence ransomware trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

b73ad1034f549ee2133928c81ad1960e3378e21a6ab0c71fbc08ebb21c6681bb.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  b73ad1034f549ee2133928c81ad1960e3378e21a6ab0c71fbc08ebb21c6681bb
- Size
  
  554KB
- MD5
  
  35ef3d04fc9440361c1d7c075c9aa3f8
- SHA1
  
  f4110a2517c36f4af887f4b852d93e755bc18e33
- SHA256
  
  b73ad1034f549ee2133928c81ad1960e3378e21a6ab0c71fbc08ebb21c6681bb
- SHA512
  
  662cdaa3c9a26e4c020b6a25f7a5664c51c7e72a91ab8d4ffaa6890efeaba1930318646007e96f818e1323c13dfd66849c07c95cb4cbe3fd4133ad9fbc65572d
Score

9^/10

evasion persistence ransomware trojan
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

File Deletion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionpersistenceransomwaretrojan

behavioral2

© 2018-2024

Terms | Privacy