General

  • Target

    8f6328700bb9835c4689b986a99a21d752916eda1e8f20131af5f909a8bb94ad

  • Size

    6.5MB

  • Sample

    221016-dbmhsagfg9

  • MD5

    3206f3402dc481b1bc8b50106d5c8a40

  • SHA1

    3736cbcbf4f0f13c78ac13b15fd2dc980ff1a8bb

  • SHA256

    8f6328700bb9835c4689b986a99a21d752916eda1e8f20131af5f909a8bb94ad

  • SHA512

    f009fa748ed618d3cf9c6ba14846866312a8f2bf2b583bb7419f7d1eb7433d406e417ea04a9cd426cb26e40e27f997a3354219d6bae85716efa68be5063d98d6

  • SSDEEP

    49152:FjLuSh3i+FtvkMzT+3HfOGlk2Ph0fhe+D6U633:1Lu13/Jk2Ph05e+g3

Malware Config

Targets

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v6

Tasks