c7437e64d9727a7418dbe9d733a0789f9358975bafa4924813d40690f37d28e5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7437e64d9727a7418dbe9d733a0789f9358975bafa4924813d40690f37d28e5
Size

1.6MB
Sample

221026-c52n5aeehp
MD5

b145df1a629490fbc1472c2ab626b3c5
SHA1

1e49f56f1d7b9fd9c13b413e52155a228a104a2f
SHA256

c7437e64d9727a7418dbe9d733a0789f9358975bafa4924813d40690f37d28e5
SHA512

786d317d7261b18abc6195d633e8a304ddf7ba59389099537b6635df49055f97973665a9e2c829552026df17c6de309ebe1e294ae9432c79f1f08ca1c1e12348
SSDEEP

24576:lKKKKKKGdzswxeqWiZUCM2OLmoQKXIgzodp7UE+IaoZ:0dKeUCPOLmoQX2k

Score

9^/10

ransomware spyware stealer

Malware Config

Targets

- Target
  
  c7437e64d9727a7418dbe9d733a0789f9358975bafa4924813d40690f37d28e5
- Size
  
  1.6MB
- MD5
  
  b145df1a629490fbc1472c2ab626b3c5
- SHA1
  
  1e49f56f1d7b9fd9c13b413e52155a228a104a2f
- SHA256
  
  c7437e64d9727a7418dbe9d733a0789f9358975bafa4924813d40690f37d28e5
- SHA512
  
  786d317d7261b18abc6195d633e8a304ddf7ba59389099537b6635df49055f97973665a9e2c829552026df17c6de309ebe1e294ae9432c79f1f08ca1c1e12348
- SSDEEP
  
  24576:lKKKKKKGdzswxeqWiZUCM2OLmoQKXIgzodp7UE+IaoZ:0dKeUCPOLmoQX2k
Score

9^/10

ransomware spyware stealer
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

ransomwarespywarestealer

behavioral2