908867e340f47517667bb92050d6c9be3107fffa9658b91dc72bde4340377a94 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

908867e340f47517667bb92050d6c9be3107fffa9658b91dc72bde4340377a94
Size

9.8MB
Sample

221010-jk3h9abag2
MD5

07ba18a09fd0658ab479dd8ca649eccd
SHA1

6d24eceb938f2d1c04977a3fa6f80eed42e64e9e
SHA256

908867e340f47517667bb92050d6c9be3107fffa9658b91dc72bde4340377a94
SHA512

a4f8b44b8ee68ea7eee1c2f9098d3d229bafff757c62c021695cddf5237e82054f970f63a7674b0111b46f6a2fbde8d7893a13f7f602fc2ab0e0aa5c16eadd99
SSDEEP

49152:CjLuSh3i+FtvkMzT+TIRMFJsDFfV59MsU8BBWKcFO72ZKsm6zB:eLu1TIRMFJswsDBBqa2ZZzB

Score

9^/10

ransomware spyware stealer

Malware Config

Targets

- Target
  
  908867e340f47517667bb92050d6c9be3107fffa9658b91dc72bde4340377a94
- Size
  
  9.8MB
- MD5
  
  07ba18a09fd0658ab479dd8ca649eccd
- SHA1
  
  6d24eceb938f2d1c04977a3fa6f80eed42e64e9e
- SHA256
  
  908867e340f47517667bb92050d6c9be3107fffa9658b91dc72bde4340377a94
- SHA512
  
  a4f8b44b8ee68ea7eee1c2f9098d3d229bafff757c62c021695cddf5237e82054f970f63a7674b0111b46f6a2fbde8d7893a13f7f602fc2ab0e0aa5c16eadd99
- SSDEEP
  
  49152:CjLuSh3i+FtvkMzT+TIRMFJsDFfV59MsU8BBWKcFO72ZKsm6zB:eLu1TIRMFJswsDBBqa2ZZzB
Score

9^/10

ransomware spyware stealer
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

ransomwarespywarestealer

behavioral2