General

  • Target

    bc1ec0860d1aa458dece072fe4c4e3f5aa999ced6865a6a76c4e888e9ea96b5e.exe

  • Size

    10.0MB

  • Sample

    221012-gekp5scfd9

  • MD5

    1da6e416f3c94e5cb78c873396fc1c5a

  • SHA1

    df222b1dc3b68faca9a12ec598f38a9bdb047103

  • SHA256

    bc1ec0860d1aa458dece072fe4c4e3f5aa999ced6865a6a76c4e888e9ea96b5e

  • SHA512

    34edd960226e43eeee5476d9b44018e3aa454da1148431cc4b439c57df95877ce8ab17ed031670da513e53b9a3c1288cd875cf0ccf3a8bf423bd825ad5e6a5de

  • SSDEEP

    98304:yLu1g9ZGlWrfTZmHqXE9ssD/QjI+1ozfLu1TIRtUOV5Z0rni42Sejh2N40p:yd9JTZksaJ+1orTRt6e/0

Malware Config

Targets

    • Target

      bc1ec0860d1aa458dece072fe4c4e3f5aa999ced6865a6a76c4e888e9ea96b5e.exe

    • Size

      10.0MB

    • MD5

      1da6e416f3c94e5cb78c873396fc1c5a

    • SHA1

      df222b1dc3b68faca9a12ec598f38a9bdb047103

    • SHA256

      bc1ec0860d1aa458dece072fe4c4e3f5aa999ced6865a6a76c4e888e9ea96b5e

    • SHA512

      34edd960226e43eeee5476d9b44018e3aa454da1148431cc4b439c57df95877ce8ab17ed031670da513e53b9a3c1288cd875cf0ccf3a8bf423bd825ad5e6a5de

    • SSDEEP

      98304:yLu1g9ZGlWrfTZmHqXE9ssD/QjI+1ozfLu1TIRtUOV5Z0rni42Sejh2N40p:yd9JTZksaJ+1orTRt6e/0

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v6

Tasks