General

  • Target

    a8252b07fd110822dbf82f242e24461813ba531d2d6b2f9c4b478a67a7d73f33.exe

  • Size

    5.2MB

  • Sample

    221001-t1yv4shccj

  • MD5

    c37f554ce583499bb9d37ab1271e3d32

  • SHA1

    2a5028555a8ac0a26eb5cf1f97d4c9885e4d7772

  • SHA256

    a8252b07fd110822dbf82f242e24461813ba531d2d6b2f9c4b478a67a7d73f33

  • SHA512

    78db119e6068593b64770a106f0ac12301cfdc6e13fe38a2c4bed906cd00bc6d354a95f0181b7b20323c600fdd7f0d9fc66c7c8ae021acab5fac0dcf77f05175

  • SSDEEP

    49152:NjLuSh3i+FtvkMzT+TIRLhd4HOV5ZNt88QulV03OX:NLu1TIRtUOV5Zv

Malware Config

Targets

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v6

Tasks