koxic | 7a5e20e021dc29a07cad61f4d0bdb98e22749f13c3ace58220bfe978908bb7e9 | Triage

Submit
Reports

Overview

overview

Static

static

7a5e20e021...e9.exe

windows10-2004-x64

Resubmissions

11-10-2022 09:19

221011-laklssfgd6 10

18-04-2022 20:28

220418-y9cfpahad5 10

Sharing

General

Target

7a5e20e021dc29a07cad61f4d0bdb98e22749f13c3ace58220bfe978908bb7e9.exe
Size

379KB
Sample

221011-laklssfgd6
MD5

5a44e1d5691ec9395281123ea0bd501f
SHA1

64566d5049479227d2eff3d983b127c0339974cd
SHA256

7a5e20e021dc29a07cad61f4d0bdb98e22749f13c3ace58220bfe978908bb7e9
SHA512

55d85e77f70f25bae6cf8bbf5dd787d5771c2e38e99461b608f6375be9cb0b1031f3c0268b82eb03db05eb88ce37d5f37afbfc69ab0c4f90791a706013b168c8
SSDEEP

6144:iKhrG3sugbNHoLjmtbLC0Yq4L/mFWPLz2V0Pz2V0Pz2V0Pz2V0gqqi:i3sugbNHoLH/6WTnnnLqi

Score

10^/10

koxic evasion ransomware trojan

Static task

static1

Behavioral task

behavioral1

Sample

7a5e20e021dc29a07cad61f4d0bdb98e22749f13c3ace58220bfe978908bb7e9.exe

Resource

win10v2004-20220812-en

koxic evasion ransomware trojan

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  7a5e20e021dc29a07cad61f4d0bdb98e22749f13c3ace58220bfe978908bb7e9.exe
- Size
  
  379KB
- MD5
  
  5a44e1d5691ec9395281123ea0bd501f
- SHA1
  
  64566d5049479227d2eff3d983b127c0339974cd
- SHA256
  
  7a5e20e021dc29a07cad61f4d0bdb98e22749f13c3ace58220bfe978908bb7e9
- SHA512
  
  55d85e77f70f25bae6cf8bbf5dd787d5771c2e38e99461b608f6375be9cb0b1031f3c0268b82eb03db05eb88ce37d5f37afbfc69ab0c4f90791a706013b168c8
- SSDEEP
  
  6144:iKhrG3sugbNHoLjmtbLC0Yq4L/mFWPLz2V0Pz2V0Pz2V0Pz2V0gqqi:i3sugbNHoLH/6WTnnnLqi
Score

10^/10

koxic evasion ransomware trojan
- Koxic
  A C++ written ransomware first seen in late 2021.
  ransomware koxic
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Windows security modification
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

koxicevasionransomwaretrojan

© 2018-2024

Terms | Privacy