b557831d258a96970f9ef2baa8ebd4930115fbdf411f10c73eaa9473aa87b32d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Trojan-Ransom.Win32.Blocker.frgr-b557831d258a96970f9ef2baa8ebd4930115fbdf411f10c73eaa9473aa87b32d
Size

25KB
Sample

221106-1cmaqsceb8
MD5

a668d5a15ee5a492ef36c34fdc8930f9
SHA1

9e733df24e5342d35eb5fad87f3107c6d6d6fa30
SHA256

b557831d258a96970f9ef2baa8ebd4930115fbdf411f10c73eaa9473aa87b32d
SHA512

387e14d462c0b94d9ca0c2034bb40ea9a7c0d27ff94364a98b9b8c4706cc934f437afb44d45b9cd6440d7a56ea89981e35b57236ecf133227966b69a6393caa2
SSDEEP

384:4F/wt1EkmlMvGfanyyL/rh6oT0xUrChXaeHtC:40Wuyqjh6oT0xUrCceH

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  Trojan-Ransom.Win32.Blocker.frgr-b557831d258a96970f9ef2baa8ebd4930115fbdf411f10c73eaa9473aa87b32d
- Size
  
  25KB
- MD5
  
  a668d5a15ee5a492ef36c34fdc8930f9
- SHA1
  
  9e733df24e5342d35eb5fad87f3107c6d6d6fa30
- SHA256
  
  b557831d258a96970f9ef2baa8ebd4930115fbdf411f10c73eaa9473aa87b32d
- SHA512
  
  387e14d462c0b94d9ca0c2034bb40ea9a7c0d27ff94364a98b9b8c4706cc934f437afb44d45b9cd6440d7a56ea89981e35b57236ecf133227966b69a6393caa2
- SSDEEP
  
  384:4F/wt1EkmlMvGfanyyL/rh6oT0xUrChXaeHtC:40Wuyqjh6oT0xUrCceH
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2