0152bfcdac11ead27ab283963a236c0bd218f25de21135d487dd83e4b8af0047 | Triage

Submit
Reports

Overview

overview

Static

static

0152bfcdac...47.exe

windows7_x64

0152bfcdac...47.exe

windows10-2004_x64

Sharing

General

Target

0152bfcdac11ead27ab283963a236c0bd218f25de21135d487dd83e4b8af0047
Size

372KB
Sample

220523-y6g7rsfbb3
MD5

00550cbf30648b09a6e64f436e6c2bf4
SHA1

aba94637d885e13d820660dc5b5fb9bf83fc743f
SHA256

0152bfcdac11ead27ab283963a236c0bd218f25de21135d487dd83e4b8af0047
SHA512

a4d473f50bb0e0f8e383c25141ac742584f8eb1b95e1b1b9f6df71836ee6ab5b53b305ae30ac06e7495b80372f52d982e998edd61cfb01c364ab935aab083e3e

Score

10^/10

discovery ransomware suricata

Static task

static1

Behavioral task

behavioral1

Sample

0152bfcdac11ead27ab283963a236c0bd218f25de21135d487dd83e4b8af0047.exe

Resource

win7-20220414-en

discovery ransomware suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0152bfcdac11ead27ab283963a236c0bd218f25de21135d487dd83e4b8af0047.exe

Resource

win10v2004-20220414-en

discovery ransomware suricata

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  0152bfcdac11ead27ab283963a236c0bd218f25de21135d487dd83e4b8af0047
- Size
  
  372KB
- MD5
  
  00550cbf30648b09a6e64f436e6c2bf4
- SHA1
  
  aba94637d885e13d820660dc5b5fb9bf83fc743f
- SHA256
  
  0152bfcdac11ead27ab283963a236c0bd218f25de21135d487dd83e4b8af0047
- SHA512
  
  a4d473f50bb0e0f8e383c25141ac742584f8eb1b95e1b1b9f6df71836ee6ab5b53b305ae30ac06e7495b80372f52d982e998edd61cfb01c364ab935aab083e3e
Score

10^/10

discovery ransomware suricata
- suricata: ET MALWARE Ransomware/Cerber Checkin 2
  suricata: ET MALWARE Ransomware/Cerber Checkin 2
  suricata
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Contacts a large (512) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Contacts a large (529) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

discoveryransomwaresuricata

behavioral2

discoveryransomwaresuricata

© 2018-2024

Terms | Privacy