troldesh | f048d04ad572238ca9bbf6b06330d051f696286737ebc64137a91f3eb7a6e2c1 | Triage

Submit
Reports

Overview

overview

Static

static

1204_akt.scr

windows7-x64

1204_akt.scr

windows10-2004-x64

Sharing

General

Target

f048d04ad572238ca9bbf6b06330d051f696286737ebc64137a91f3eb7a6e2c1
Size

899KB
Sample

221024-k2he3sfggm
MD5

410e3c46640ebe10ff385540270fad1e
SHA1

d16ff7d0953c480761e6af69bc81cf3a053e7def
SHA256

f048d04ad572238ca9bbf6b06330d051f696286737ebc64137a91f3eb7a6e2c1
SHA512

4f69f8a7cb22672a8ea579cfc61cc9fe2d325dbcc532a9d62042ef53454caf5bb87f031da7375a84b0628c4eb261bebe9c7fba92447385a1797c933fe8408a22
SSDEEP

24576:iBzZVdMACbSlYLYDUnTe31C4YE9beJ4L8rcw2lpAhUuj:itZVdMAY6JDUylC41Ac3AhDj

Score

10^/10

troldesh persistence ransomware trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

1204_akt.scr

Resource

win7-20220812-en

troldesh persistence ransomware trojan upx

windows7-x64

6 signatures

10 seconds

Behavioral task

behavioral2

Sample

1204_akt.scr

Resource

win10v2004-20220812-en

troldesh persistence ransomware trojan upx

windows10-2004-x64

5 signatures

10 seconds

Malware Config

Targets

- Target
  
  1204_akt.scr
- Size
  
  1.4MB
- MD5
  
  32db94cbaad07f413f52df002afccd58
- SHA1
  
  5339a0c15509ded18c177c43d9b867d305765c13
- SHA256
  
  107c6a7b16ca74e7a982765f0d86a9fc43dce227edf5eeb9ea9d664725b5e93b
- SHA512
  
  ab5b7208f73e231b93220b63c0de1eeab60a4e84ff3850fda206c56ed659bd538f5f7fabbcdc71d10d1c9de88be5acbf4f925255b5dd1e500cf2e1d89333d110
- SSDEEP
  
  24576:axqPjYEVBzDIVSIgna0ANxj0460+PDtOpwzfzRlL7fbm6:agbL2SIgna1xjODrcKzfvfzh
Score

10^/10

troldesh persistence ransomware trojan upx
- Troldesh, Shade, Encoder.858
  Troldesh is a ransomware spread by malspam.
  ransomware trojan troldesh
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

troldeshpersistenceransomwaretrojanupx

behavioral2

troldeshpersistenceransomwaretrojanupx

© 2018-2025

Terms | Privacy