General

  • Target

    e0c8b7b37f5bdd879a3c422a9fd284468cd1909503a736cd4cf8c8ed24cf7510

  • Size

    8.2MB

  • Sample

    221017-nf3exabghl

  • MD5

    1c84c4c7ee74f89c46c3f889a9284676

  • SHA1

    185e8ebb363fc1d37472395eacaaa448050f62a6

  • SHA256

    e0c8b7b37f5bdd879a3c422a9fd284468cd1909503a736cd4cf8c8ed24cf7510

  • SHA512

    4aa312ce53714c1c7d9551daf646ae24bd6fc5605bb03b46314c806522113873475b229c53509fe81e8ea22e3d88ea32c6d8d0501ceacdc0b246ee7d0e772cb8

  • SSDEEP

    98304:OLu13/Jk2Ph05e+g3aL8BHeTLIOsRvBYql7x+oZHcV4i/kgE7/FG4l7zP3u+0xZ3:OikgcN/MeTLIOsNvGfLgc
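The hash set above is what you use to confirm that a file on your side is the same object this report describes. The following is an added example (not part of the sandbox output) that recomputes the four cryptographic digests for a blob, compares them with the report's values, and splits the SSDEEP signature into its block size and chunks, since ssdeep can only score two signatures whose block sizes are equal or differ by exactly a factor of two. The sample bytes are constructed; the report values are copied from the page.

```python
"""Recompute the report's hash set for a file and sanity-check the SSDEEP signature.

Added example for this report, not output of the sandbox. The REPORT values are
copied from the page; any data passed to the functions is the caller's own.
"""
import hashlib

# Digests exactly as listed in the report's General section.
REPORT = {
    "md5": "1c84c4c7ee74f89c46c3f889a9284676",
    "sha1": "185e8ebb363fc1d37472395eacaaa448050f62a6",
    "sha256": "e0c8b7b37f5bdd879a3c422a9fd284468cd1909503a736cd4cf8c8ed24cf7510",
    "sha512": "4aa312ce53714c1c7d9551daf646ae24bd6fc5605bb03b46314c806522113873"
              "475b229c53509fe81e8ea22e3d88ea32c6d8d0501ceacdc0b246ee7d0e772cb8",
    "ssdeep": "98304:OLu13/Jk2Ph05e+g3aL8BHeTLIOsRvBYql7x+oZHcV4i/kgE7/FG4l7zP3u+0xZ3:OikgcN/MeTLIOsNvGfLgc",
}


def fingerprint(data: bytes) -> dict:
    """Return the four cryptographic digests (lowercase hex) the report lists."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def matches_report(data: bytes, report: dict = REPORT) -> dict:
    """Per-algorithm match flags; any False means this is not the reported file."""
    mine = fingerprint(data)
    return {name: mine[name] == report[name].lower() for name in mine}


def parse_ssdeep(sig: str):
    """Split 'blocksize:chunk:double_chunk'; the block size drives comparability."""
    blocksize, chunk, double_chunk = sig.split(":", 2)
    return int(blocksize), chunk, double_chunk


def ssdeep_comparable(sig_a: str, sig_b: str) -> bool:
    """ssdeep only scores two signatures whose block sizes are equal or differ by 2x."""
    a, _, _ = parse_ssdeep(sig_a)
    b, _, _ = parse_ssdeep(sig_b)
    return a == b or a == 2 * b or b == 2 * a


if __name__ == "__main__":
    import sys
    path = sys.argv[1] if len(sys.argv) > 1 else None
    data = open(path, "rb").read() if path else b"constructed placeholder, not the sample"
    for name, ok in matches_report(data).items():
        print(f"{name:7s} {'match' if ok else 'MISMATCH'}")
    print("ssdeep block size:", parse_ssdeep(REPORT["ssdeep"])[0])
```

Run it with the path of a file you believe is this sample; all four flags must be True before you treat the report's behaviour list as describing your file. The ssdeep helper is only a pre-check: actual fuzzy-hash similarity scoring needs the ssdeep library.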

Targets

    • Target

      e0c8b7b37f5bdd879a3c422a9fd284468cd1909503a736cd4cf8c8ed24cf7510

    • Deletes shadow copies

      Volume Shadow Copies are the local restore points a victim could roll back to. Ransomware deletes them (commonly through vssadmin, wmic or WMI) so that recovery without paying is harder (ATT&CK T1490, Inhibit System Recovery).

    • Checks computer location settings

      Reads the country code stored in the registry locale settings. This is usually a geofence: the malware compares the configured region against a built-in list and refuses to run in certain countries.

    • Drops startup file

      Writes a file into a Startup folder, which Windows launches at every user logon; a simple persistence mechanism.

    • Reads user/profile data of web browsers

      Infostealers harvest the profile data browsers keep on disk: saved credentials, cookies and session tokens, autofill data and browsing history.

    • Drops autorun.inf file

      An autorun.inf at the root of a volume tells Windows Autorun which program to launch when the volume is mounted, a classic way to spread over removable drives and other attached volumes. Windows 7 and later ignore autorun.inf on removable drives (only optical media still honour it), so on modern systems the file is a stronger indicator than infection vector.
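Each of the behaviours listed above is something you can look for in your own telemetry (EDR process, registry and file events) to see whether a host did the same things as this sample. The following is an added example, not part of the sandbox output: it maps a constructed trace of events onto the five signature names used in this report. The event format (dicts with a type and a target) and the specific path and registry patterns are assumptions made for the example; the shadow-copy command lines are the ones commonly seen in ransomware (ATT&CK T1490).

```python
"""Map constructed sandbox-style events onto the behaviour signatures in the report.

Added example, not output of the sandbox that produced this report. The event
format (type/target dicts) and the path patterns are assumptions made here.
"""
import re
from collections import defaultdict

# Command lines that destroy or disable recovery data (ATT&CK T1490, Inhibit System Recovery).
SHADOW_COPY_PATTERNS = [
    re.compile(r"vssadmin\S*\s+delete\s+shadows", re.I),
    re.compile(r"wmic\S*\s+shadowcopy\s+delete", re.I),
    re.compile(r"wbadmin\S*\s+delete\s+(catalog|systemstatebackup)", re.I),
    re.compile(r"bcdedit\S*\s+.*recoveryenabled\s+no", re.I),
    re.compile(r"Win32_ShadowCopy", re.I),  # WMI/PowerShell route to the same result
]
# Locale/region value many families read before deciding whether to run (assumed key).
GEO_KEY = re.compile(r"\\Control Panel\\International\\Geo\\(Nation|Name)$", re.I)
# Per-user and all-users Startup folders: anything written here runs at logon.
STARTUP_DIR = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.I)
# Chromium and Firefox profile files that hold credentials, cookies and history.
BROWSER_DATA = re.compile(
    r"\\(Login Data|Cookies|Web Data|History|logins\.json|key4\.db|cookies\.sqlite)$", re.I)
# autorun.inf only matters at the root of a volume.
AUTORUN_ROOT = re.compile(r"^[A-Z]:\\autorun\.inf$", re.I)


def classify(event):
    """Return the report signature names a single event triggers (possibly none)."""
    kind, target = event["type"], event["target"]
    hits = []
    if kind == "process" and any(p.search(target) for p in SHADOW_COPY_PATTERNS):
        hits.append("Deletes shadow copies")
    if kind == "registry_read" and GEO_KEY.search(target):
        hits.append("Checks computer location settings")
    if kind == "file_write" and STARTUP_DIR.search(target):
        hits.append("Drops startup file")
    if kind == "file_read" and BROWSER_DATA.search(target):
        hits.append("Reads user/profile data of web browsers")
    if kind == "file_write" and AUTORUN_ROOT.match(target):
        hits.append("Drops autorun.inf file")
    return hits


def summarize(events):
    """Signature name -> list of the targets that triggered it, over a whole trace."""
    found = defaultdict(list)
    for ev in events:
        for sig in classify(ev):
            found[sig].append(ev["target"])
    return dict(found)


# Constructed trace; none of these lines comes from the report.
SAMPLE_EVENTS = [
    {"type": "process", "target": r'"C:\Windows\System32\vssadmin.exe" delete shadows /all /quiet'},
    {"type": "process", "target": r"C:\Windows\System32\vssadmin.exe list shadows"},  # benign listing
    {"type": "process", "target": r"bcdedit /set {default} recoveryenabled no"},
    {"type": "registry_read", "target": r"HKCU\Control Panel\International\Geo\Nation"},
    {"type": "file_write", "target": r"C:\Users\u\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\upd.exe"},
    {"type": "file_read", "target": r"C:\Users\u\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"type": "file_read", "target": r"C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\ab12.default\logins.json"},
    {"type": "file_write", "target": r"E:\autorun.inf"},
    {"type": "file_write", "target": r"C:\Users\u\Desktop\autorun.inf"},  # not at a volume root
]

if __name__ == "__main__":
    for sig, targets in summarize(SAMPLE_EVENTS).items():
        print(f"{sig}: {len(targets)} event(s)")
```

The negative cases matter as much as the positives: `vssadmin list shadows` is routine administration and an autorun.inf on the desktop does nothing, so a rule that fires on the bare tool name or file name will page you for noise. Treat the geofence check as a weak signal on its own; it is the combination with the other four that makes a host look like this sample.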

MITRE ATT&CK Enterprise v6