General

  • Target

    831ca7d7809683e3c3b37611972c6dfce5ff71e790354ba5579f70ef4017ea8a

  • Size

    14.7MB

  • Sample

    221018-s6m55agfdn

  • MD5

    785707b3639ae4314f42739052fe4522

  • SHA1

    fa1662e7d4478ab2b90a896ad3aff21d6a750d0a

  • SHA256

    831ca7d7809683e3c3b37611972c6dfce5ff71e790354ba5579f70ef4017ea8a

  • SHA512

    b935830ff54c6270238dead0690479ce1d272e5f1216220ebcb57477d3fc514f19f01a4e3832c3cdadb6534e907e166483bba188d3246eca222c5b726520a968

  • SSDEEP

    98304:GLu13/Jk2Ph05e+g3XBBqa2ZZzRTC0rBC3FO:GikgcN8BBYFTC0rBC3s

Malware Config

Targets

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v6

Tasks