General

  • Target

    03c7f5a2c8ec92dab504e43981fdfe8d6bf0f50b59ce4ad17444b3f7e8580112

  • Size

    8.4MB

  • Sample

    221018-sqyxpagcc2

  • MD5

    ba7f03699fd9e4b2884e6a61506c9234

  • SHA1

    cdf76b3d31001513af297e0ca488be465814dc16

  • SHA256

    03c7f5a2c8ec92dab504e43981fdfe8d6bf0f50b59ce4ad17444b3f7e8580112

  • SHA512

    a14d4f0b5c667b16d1fa7e7deca3131dbb390dcbfc8fb53bf1eecce45a8988e2d300990b223c74aee7538937012bc06769fec2129532383c82db8a2f26d1f674

  • SSDEEP

    49152:ujLuSh3i+FtvkMzT+8Re0ZGxbxcgsIsTZm:yLu1g9ZGlWrfTZm

Malware Config

Targets

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v6

Tasks