Overview

overview

10

Static

static

7c30ccc17f...19.exe

windows7-x64

10

7c30ccc17f...19.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7c30ccc17f3bf544b060fc919b5c59c9e3ecddc98bfe343fd5666f2b755c8119

  • Size

    1.3MB

  • Sample

    220731-h4wpdaebf4

  • MD5

    fcaea3ad7ae12f0951ecfe3ddfeb3f41

  • SHA1

    7d7efab01d34da6c53dcd6b3fca1e49cfdf75885

  • SHA256

    7c30ccc17f3bf544b060fc919b5c59c9e3ecddc98bfe343fd5666f2b755c8119

  • SHA512

    2be21eb7fe5e8f609afc1525cbb1c4d7db7a50906326e8534584a008b3e8773fc2c06ea7424b341bd20c715dd5d5dfb6007ec837106a6d3d619ed14706945426

Score
10/10
troldeshdiscoverypersistenceransomwaretrojanupx

Malware Config

Targets

    • Target

      7c30ccc17f3bf544b060fc919b5c59c9e3ecddc98bfe343fd5666f2b755c8119

    • Size

      1.3MB

    • MD5

      fcaea3ad7ae12f0951ecfe3ddfeb3f41

    • SHA1

      7d7efab01d34da6c53dcd6b3fca1e49cfdf75885

    • SHA256

      7c30ccc17f3bf544b060fc919b5c59c9e3ecddc98bfe343fd5666f2b755c8119

    • SHA512

      2be21eb7fe5e8f609afc1525cbb1c4d7db7a50906326e8534584a008b3e8773fc2c06ea7424b341bd20c715dd5d5dfb6007ec837106a6d3d619ed14706945426

    Score
    10/10
    troldeshdiscoverypersistenceransomwaretrojanupx

    • Troldesh, Shade, Encoder.858

      Troldesh is a ransomware spread by malspam.

      ransomwaretrojantroldesh

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks