General

  • Target

    700e686f6cf753cacf28522b6341f8fa1099bd526e3917f3e2ee1a77507a3624

  • Size

    859KB

  • Sample

    221018-c53w7aedcj

  • MD5

    9ba1c2bc9992781f72578213023dfb59

  • SHA1

    a9403e85b11238796e7f557fb81ea86501a02817

  • SHA256

    700e686f6cf753cacf28522b6341f8fa1099bd526e3917f3e2ee1a77507a3624

  • SHA512

    4feef9531122900a71af361561cd60f4abd2a4a67c47eb3ed73436d11bc701d37bd0be1591e1a76fa834730658c787a0051b17815d3ca0788a7f0d805560d5b3

  • SSDEEP

    24576:lKKKKKKKKKKKKKN7ChBWMQ+uSr04XppcQ9:hjLuSr04TB

Malware Config

Targets

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, and similar artifacts.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v6

Tasks