b102ed1018de0b7faea37ca86f27ba3025c0c70f28417ac3e9ef09d32617f801 | Triage

Resubmissions

10/11/2022, 09:01 UTC

221110-kyxetsacgl 10

31/10/2022, 17:01 UTC

221031-vjjkjacdbq 8

Sharing

General

Target

b102ed1018de0b7faea37ca86f27ba3025c0c70f28417ac3e9ef09d32617f801.exe
Size

32KB
Sample

221031-vjjkjacdbq
MD5

6468ee100d88c71d55dfdcf4e30f991e
SHA1

5c520d2d7dc4c9e5d536d3aff998185657d40ac8
SHA256

b102ed1018de0b7faea37ca86f27ba3025c0c70f28417ac3e9ef09d32617f801
SHA512

41913eb5adaab42c7ebff547421c0faedede5a3356cb2aa8b92ab20320f73766101056853f450435281cf31e7f32603c62fbd88fa3a680b19abda5d8cc9a98ae
SSDEEP

768:QzG3EG0IUJrd6dQar/MjfW33AMar6q3Fu:QKEG4Jx6Ky/Mjo3AMa13U

Score

8^/10

ransomware spyware stealer

Malware Config

Targets

- Target
  
  b102ed1018de0b7faea37ca86f27ba3025c0c70f28417ac3e9ef09d32617f801.exe
- Size
  
  32KB
- MD5
  
  6468ee100d88c71d55dfdcf4e30f991e
- SHA1
  
  5c520d2d7dc4c9e5d536d3aff998185657d40ac8
- SHA256
  
  b102ed1018de0b7faea37ca86f27ba3025c0c70f28417ac3e9ef09d32617f801
- SHA512
  
  41913eb5adaab42c7ebff547421c0faedede5a3356cb2aa8b92ab20320f73766101056853f450435281cf31e7f32603c62fbd88fa3a680b19abda5d8cc9a98ae
- SSDEEP
  
  768:QzG3EG0IUJrd6dQar/MjfW33AMar6q3Fu:QKEG4Jx6Ky/Mjo3AMa13U
Score

8^/10

spyware stealer ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

ransomwarespywarestealer