435a917a2ad1adbe35e97247d7c2dc0d50be12b2d1a311d5b2a7b28dd315fc33 | Triage

Resubmissions

27-10-2022 16:11

221027-tm2pvacfh9 10

23-10-2022 23:24

221023-3d7deadchp 8

Sharing

General

Target

435a917a2ad1adbe35e97247d7c2dc0d50be12b2d1a311d5b2a7b28dd315fc33.bin.sample
Size

225KB
Sample

221023-3d7deadchp
MD5

e86b3398333384aaffd32c1444dde9d0
SHA1

4ed7e2362fb149e5d5c3a261400f1e6e6f04628d
SHA256

435a917a2ad1adbe35e97247d7c2dc0d50be12b2d1a311d5b2a7b28dd315fc33
SHA512

eb9c20f2610d2ff008dd3d7a0596ef5ada56b2c121bf635eb8247a049b829f947b0a514c0052399e47662a526325b3b9e8c916c009f42d5279e90040a28932ec
SSDEEP

3072:dieIAGyEGGmgvevzpxBt0uZ8z43gBVN2qvI6vQF5ovTsno:d5qedM43wVN2g3gno

Score

8^/10

ransomware spyware stealer

Malware Config

Targets

- Target
  
  435a917a2ad1adbe35e97247d7c2dc0d50be12b2d1a311d5b2a7b28dd315fc33.bin.sample
- Size
  
  225KB
- MD5
  
  e86b3398333384aaffd32c1444dde9d0
- SHA1
  
  4ed7e2362fb149e5d5c3a261400f1e6e6f04628d
- SHA256
  
  435a917a2ad1adbe35e97247d7c2dc0d50be12b2d1a311d5b2a7b28dd315fc33
- SHA512
  
  eb9c20f2610d2ff008dd3d7a0596ef5ada56b2c121bf635eb8247a049b829f947b0a514c0052399e47662a526325b3b9e8c916c009f42d5279e90040a28932ec
- SSDEEP
  
  3072:dieIAGyEGGmgvevzpxBt0uZ8z43gBVN2qvI6vQF5ovTsno:d5qedM43wVN2g3gno
Score

8^/10

ransomware spyware stealer
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ransomwarespywarestealer

behavioral2

ransomwarespywarestealer