cc1e56d32ad111cff31ecf7a53efeeaedfaa2d93ed5f85c8085b56be7643e01a | Triage

Submit
Reports

Overview

overview

9

Static

static

ransomware.exe

windows7_x64

9

ransomware.exe

windows10-2004_x64

8

Sharing

General

Target

ransomware
Size

117KB
Sample

220525-s68rtsfeep
MD5

bced4f87dbacf3f37886e2e08d933b11
SHA1

d685d1a46456d4c47099b1b25d4a84ec96dcd612
SHA256

cc1e56d32ad111cff31ecf7a53efeeaedfaa2d93ed5f85c8085b56be7643e01a
SHA512

410097c11a568194c5d121a8ea26184c0bf7a3a8fe3a53a27acca9013eac37b7a2da23747f3035d7d087314941755a6ecd514dd9416284e079dccf8a0448dfc8

Score

9^/10

evasion ransomware

Static task

static1

Behavioral task

behavioral1

Sample

ransomware.exe

Resource

win7-20220414-en

evasion ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ransomware.exe

Resource

win10v2004-20220414-en

evasion ransomware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  ransomware
- Size
  
  117KB
- MD5
  
  bced4f87dbacf3f37886e2e08d933b11
- SHA1
  
  d685d1a46456d4c47099b1b25d4a84ec96dcd612
- SHA256
  
  cc1e56d32ad111cff31ecf7a53efeeaedfaa2d93ed5f85c8085b56be7643e01a
- SHA512
  
  410097c11a568194c5d121a8ea26184c0bf7a3a8fe3a53a27acca9013eac37b7a2da23747f3035d7d087314941755a6ecd514dd9416284e079dccf8a0448dfc8
Score

9^/10

evasion ransomware
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Disables Task Manager via registry modification
  evasion
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionransomware

behavioral2

evasionransomware

© 2018-2024

Terms | Privacy