Overview

overview

9

Static

static

0ad8693f90...f7.exe

windows7-x64

9

0ad8693f90...f7.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    0ad8693f90f44f3f03a4a31ffc6e8d943a7a1649f0310795cf8a25612d8a25f7.exe

  • Size

    4.5MB

  • Sample

    221003-d5yg5sedg5

  • MD5

    19146d90e5418b4d3938e5b713f357fe

  • SHA1

    63b50451639a04161273a7201f0e65fce32a2280

  • SHA256

    0ad8693f90f44f3f03a4a31ffc6e8d943a7a1649f0310795cf8a25612d8a25f7

  • SHA512

    bad63b0de27b9e8ca0955976b8cf4b720dd604ab18530065db7fea7bff26ba727b8752f7e18e6374a6f528b157a6a2bdc102fa2cd1cdade7d1d8097b0168a9dd

  • SSDEEP

    49152:1jLuSh3i+FtvkMzT+TIRLhd4HOV5ZNt88QulV03OX:lLu1TIRtUOV5Zv

Score
9/10
ransomwarespywarestealer

Malware Config

Targets

    • Target

      0ad8693f90f44f3f03a4a31ffc6e8d943a7a1649f0310795cf8a25612d8a25f7.exe

    • Size

      4.5MB

    • MD5

      19146d90e5418b4d3938e5b713f357fe

    • SHA1

      63b50451639a04161273a7201f0e65fce32a2280

    • SHA256

      0ad8693f90f44f3f03a4a31ffc6e8d943a7a1649f0310795cf8a25612d8a25f7

    • SHA512

      bad63b0de27b9e8ca0955976b8cf4b720dd604ab18530065db7fea7bff26ba727b8752f7e18e6374a6f528b157a6a2bdc102fa2cd1cdade7d1d8097b0168a9dd

    • SSDEEP

      49152:1jLuSh3i+FtvkMzT+TIRLhd4HOV5ZNt88QulV03OX:lLu1TIRtUOV5Zv

    Score
    9/10
    ransomwarespywarestealer

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks