General

  • Target

    3504d330003d44ef689f174d10f74f8e3eabcc30779a645005a888c2fad1e622

  • Size

    2.4MB

  • Sample

    221015-abew6aegg8

  • MD5

    05a73e7a382558505bd23e3644d4c46a

  • SHA1

    5c7830fe5ee7879c5eed6626350635c0a09c1628

  • SHA256

    3504d330003d44ef689f174d10f74f8e3eabcc30779a645005a888c2fad1e622

  • SHA512

    7fc391325328e9485b40ff490588eafe8fb54b581b3c651cb462f06af377e376cd8c7337136254d4155f23c5ca4b3338a91f8adbcd7ee068aad1ec646044215d

  • SSDEEP

    49152:JqcQFTIOZeqWm23GtLQzXlTnOf9p3vTGzgwpR:4cQUFmD8TUf3xm

Malware Config

Targets

    • Target

      3504d330003d44ef689f174d10f74f8e3eabcc30779a645005a888c2fad1e622

    • Size

      2.4MB

    • MD5

      05a73e7a382558505bd23e3644d4c46a

    • SHA1

      5c7830fe5ee7879c5eed6626350635c0a09c1628

    • SHA256

      3504d330003d44ef689f174d10f74f8e3eabcc30779a645005a888c2fad1e622

    • SHA512

      7fc391325328e9485b40ff490588eafe8fb54b581b3c651cb462f06af377e376cd8c7337136254d4155f23c5ca4b3338a91f8adbcd7ee068aad1ec646044215d

    • SSDEEP

      49152:JqcQFTIOZeqWm23GtLQzXlTnOf9p3vTGzgwpR:4cQUFmD8TUf3xm

    • Deletes shadow copies

      Ransomware often deletes Volume Shadow Copies and other backups to inhibit system recovery.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence to avoid running in certain regions.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached removable volumes.
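The behaviour signatures above describe what the sandbox observed, not how it matched them. The following is an added example of a small, rule-based classifier that maps process, registry and file telemetry to those same signature names; it is not the sandbox's own detection logic and the telemetry lines it runs over are constructed for illustration, not events recorded for this sample. The command lines (vssadmin, wmic, wbadmin), the `HKCU\Control Panel\International\Geo` key and the browser profile file names are common indicators of these behaviours in general and are assumptions here, not actions attributed to this file.

```python
"""Added example: map sandbox-style telemetry to the report's behaviour
signatures with simple rules. Telemetry below is constructed, not from
this sample; indicator patterns are general assumptions, not this
sample's observed actions."""
import re
from collections import defaultdict

# Constructed telemetry in a minimal sandbox-like shape.
SAMPLE_EVENTS = [
    {"type": "process", "cmdline": "vssadmin.exe delete shadows /all /quiet"},
    {"type": "process", "cmdline": "wmic.exe shadowcopy delete"},
    {"type": "registry", "op": "read",
     "key": r"HKCU\Control Panel\International\Geo", "value": "Nation"},
    {"type": "file", "op": "write",
     "path": r"C:\Users\victim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe"},
    {"type": "file", "op": "read",
     "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"type": "file", "op": "write", "path": r"E:\autorun.inf"},
    {"type": "process", "cmdline": "notepad.exe readme.txt"},  # benign noise
]

# Commands commonly used to delete shadow copies or the backup catalog.
SHADOW_COPY_PATTERNS = [
    re.compile(r"\bvssadmin(?:\.exe)?\b.*\bdelete\s+shadows\b", re.I),
    re.compile(r"\bwmic(?:\.exe)?\b.*\bshadowcopy\s+delete\b", re.I),
    re.compile(r"\bwbadmin(?:\.exe)?\b.*\bdelete\s+catalog\b", re.I),
]
# Registry key holding the configured country (GEOID); "Nation" is the value read.
GEO_KEY = re.compile(r"\\Control Panel\\International\\Geo$", re.I)
GEO_VALUES = {"nation", "name"}
# Per-user Startup folder: anything written here runs at logon.
STARTUP_DIR = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.I)
# Credential/cookie stores of Chromium- and Firefox-based browsers.
BROWSER_DATA = re.compile(
    r"\\(?:Login Data|Cookies|Web Data|logins\.json|cookies\.sqlite|key4\.db)$", re.I)
# autorun.inf dropped on a volume root (removable media abuse).
AUTORUN = re.compile(r"(?:^|\\)autorun\.inf$", re.I)


def classify(events):
    """Return {signature name: [evidence, ...]} for every rule that fired."""
    hits = defaultdict(list)
    for ev in events:
        kind = ev.get("type")
        if kind == "process":
            cmd = ev.get("cmdline", "")
            if any(p.search(cmd) for p in SHADOW_COPY_PATTERNS):
                hits["Deletes shadow copies"].append(cmd)
        elif kind == "registry" and ev.get("op") == "read":
            key, value = ev.get("key", ""), ev.get("value", "")
            if GEO_KEY.search(key) and value.lower() in GEO_VALUES:
                hits["Checks computer location settings"].append(f"{key}\\{value}")
        elif kind == "file":
            path, op = ev.get("path", ""), ev.get("op")
            if op == "write" and STARTUP_DIR.search(path):
                hits["Drops startup file"].append(path)
            if op == "read" and BROWSER_DATA.search(path):
                hits["Reads user/profile data of web browsers"].append(path)
            if op == "write" and AUTORUN.search(path):
                hits["Drops autorun.inf file"].append(path)
    return dict(hits)


if __name__ == "__main__":
    for name, evidence in classify(SAMPLE_EVENTS).items():
        print(name)
        for line in evidence:
            print("   ", line)
```

Each rule keeps the evidence that triggered it, so a reviewer can see the exact command line or path behind a signature rather than just the label; the benign notepad line produces no hit, which is the sanity check to keep when extending the rule set.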

MITRE ATT&CK Enterprise v6

Tasks