makop | aa0073548e845d1119186ba77368adfd81dbe0d056ec1f258e83a7dd368972da | Triage

Submit
Reports

Overview

overview

Static

static

aa0073548e...da.exe

windows7-x64

9

aa0073548e...da.exe

windows10-2004-x64

Sharing

General

Target

aa0073548e845d1119186ba77368adfd81dbe0d056ec1f258e83a7dd368972da
Size

42KB
Sample

221018-kcyqrsfba5
MD5

485a9199578ab6219dce9435d4289071
SHA1

ab5431ec64d80fcf12f327200954a367f6466623
SHA256

aa0073548e845d1119186ba77368adfd81dbe0d056ec1f258e83a7dd368972da
SHA512

a7e78ce53fb008372f4878593b05b11ab6e48c2a3cde9f0266457688832ee5dae673b9f336f81d313665c04907615bd8468dfa3a95ff7dcb43187ca12a9e4dba
SSDEEP

768:vO1oR/rVS1RzK4wbs+D/SIJX+ZZ1SQQwZxMPPzDf4rOcWNJLoYg:v5S1FKnDtkxMfjNJ8

Score

10^/10

makop ransomware

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

aa0073548e845d1119186ba77368adfd81dbe0d056ec1f258e83a7dd368972da.exe

Resource

win7-20220901-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

aa0073548e845d1119186ba77368adfd81dbe0d056ec1f258e83a7dd368972da.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  aa0073548e845d1119186ba77368adfd81dbe0d056ec1f258e83a7dd368972da
- Size
  
  42KB
- MD5
  
  485a9199578ab6219dce9435d4289071
- SHA1
  
  ab5431ec64d80fcf12f327200954a367f6466623
- SHA256
  
  aa0073548e845d1119186ba77368adfd81dbe0d056ec1f258e83a7dd368972da
- SHA512
  
  a7e78ce53fb008372f4878593b05b11ab6e48c2a3cde9f0266457688832ee5dae673b9f336f81d313665c04907615bd8468dfa3a95ff7dcb43187ca12a9e4dba
- SSDEEP
  
  768:vO1oR/rVS1RzK4wbs+D/SIJX+ZZ1SQQwZxMPPzDf4rOcWNJLoYg:v5S1FKnDtkxMfjNJ8
Score

10^/10

ransomware
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Deletes backup catalog
  Uses wbadmin.exe to inhibit system recovery.
  ransomware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

File Deletion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy