General

  • Target

    0f4c7daed28c7933d1c0e059d65786897429a6caaa4061240d9b12850fa91586.exe

  • Size

    6.1MB

  • Sample

    221016-slxh3ahff9

  • MD5

    8c1ca0aa8cb21f041cf7f80461dd2f96

  • SHA1

    31977c87c0800dc7e27ca3c755a33200304fbe8c

  • SHA256

    0f4c7daed28c7933d1c0e059d65786897429a6caaa4061240d9b12850fa91586

  • SHA512

    0f6951912d9f52cc18c06f701206328c1f752222c2d195d4ec8c2d8b203822f1407f6b07d9bace8874c2607c834fb92f8f1a13bed8e857cb1a17c780b253c2df

  • SSDEEP

    6144:e98L598L598L598L598L598L598L598L598:lKKKKKKK

Targets

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

  • Checks computer location settings

    Looks up the country code configured in the registry, likely for geofencing.

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials.

  • Drops autorun.inf file

    Malware can abuse Windows Autorun to spread further via attached volumes.
