General

  • Target

    eabd3b0475633fdea096e71f126a8e96c8b1b97a060288be8c65e30e56e2c587

  • Size

    8.7MB

  • Sample

    221011-1l23jsfgf6

  • MD5

    97d1dbb45354e83a8cb79d5900f77c8e

  • SHA1

    211c6d2ea6e2e38229d902811110b0f09b3cb214

  • SHA256

    eabd3b0475633fdea096e71f126a8e96c8b1b97a060288be8c65e30e56e2c587

  • SHA512

    1b8feb43dbb3725742a5907b6594e2154c1388ac671c29f6e28848396a1fdaa2234a1bcf96adcde596cb1ab86f145cda5fd15dbcc27c379a55823132bab7b11f

  • SSDEEP

    98304:OLu1g9ZGlWrfTZmHqXE9ssD/QjI+1ozfLu1TIRtUOV5Z93psErUtgKpjF:Od9JTZksaJ+1orTRtp3psErUtjp

Malware Config

Targets

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v6

Tasks