General

  • Target

    5fc44c7342b84f50f24758e39c8848b2f0991e8817ef5465844f5f2ff6085a57

  • Size

    717KB

  • Sample

    221015-v4ahcsfhc6

  • MD5

    8119c78b7cfb7d9ce37286ec9fc263e2

  • SHA1

    986ba7a5714ad5b0de0d040d1c066389bcb81a67

  • SHA256

    5fc44c7342b84f50f24758e39c8848b2f0991e8817ef5465844f5f2ff6085a57

  • SHA512

    bcdf2516171527ef236c76de1e6eaf0539570be9d16d6252f3b8990417ba3e64556c1889b2b7ed879cda069e7471e1af92cf2e09c0b1db086043b70a7cbc953b

  • SSDEEP

    12288:VvEo74Ro+OeO+OeNhBBhhBB1Xj2BV35CIunI0IuBwtks/2fhSMXlHphqlwL:VZ7uXj0JCIJuKF2fhSMXlJhaw

Malware Config

Targets

    • Target

      5fc44c7342b84f50f24758e39c8848b2f0991e8817ef5465844f5f2ff6085a57

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Deletes backup catalog

      Uses wbadmin.exe to inhibit system recovery.

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

MITRE ATT&CK Enterprise v6

Tasks