Overview

overview

8

Static

static

8

F83A7432D3...59.exe

windows10-1703-x64

8

F83A7432D3...59.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    F83A7432D37EC2DBE3F789F84BFEE03B97EA3E59.exe

  • Size

    1.9MB

  • Sample

    220923-j4n5zagbg8

  • MD5

    72beb1c486f502520cfbba931d50fe47

  • SHA1

    f83a7432d37ec2dbe3f789f84bfee03b97ea3e59

  • SHA256

    2ba6970b06a8e819b65193ff1b1ef65f494fab52dc35813d9ae82b7b6ccce76a

  • SHA512

    e9ac950fb21fee304a9d7c926da63154493f46b7a0fa2d3360a7aabd2870b4c9e69cdca588b08bd9c1fb0cef91305473e0e894b7ae6489511cb1ea31eff78bf5

  • SSDEEP

    49152:Xhhfd16V/y3SjphHZ08Nd/KrSt3fAOmlexrhKsiCSu94cS0:Rha/y3Sxd/5t3fFFtY4nmcS0

Score
8/10
persistenceransomwareupx

Malware Config

Targets

    • Target

      F83A7432D37EC2DBE3F789F84BFEE03B97EA3E59.exe

    • Size

      1.9MB

    • MD5

      72beb1c486f502520cfbba931d50fe47

    • SHA1

      f83a7432d37ec2dbe3f789f84bfee03b97ea3e59

    • SHA256

      2ba6970b06a8e819b65193ff1b1ef65f494fab52dc35813d9ae82b7b6ccce76a

    • SHA512

      e9ac950fb21fee304a9d7c926da63154493f46b7a0fa2d3360a7aabd2870b4c9e69cdca588b08bd9c1fb0cef91305473e0e894b7ae6489511cb1ea31eff78bf5

    • SSDEEP

      49152:Xhhfd16V/y3SjphHZ08Nd/KrSt3fAOmlexrhKsiCSu94cS0:Rha/y3Sxd/5t3fFFtY4nmcS0

    Score
    8/10
    ransomwareupxpersistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

      persistence

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

3
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

1
T1491

Tasks