61524da8678a41fde173e317d1c638d8a775429550cee336f7e00122e9838319 | Triage

Sharing

General

Target

Trojan-Ransom.Win32.Blocker.hnwj-61524da8678a41fde173e317d1c638d8a775429550cee336f7e00122e9838319
Size

468KB
Sample

221106-23v61afbd2
MD5

c02dd2d83fc74abccd43a8b01c91f083
SHA1

2e26a91a8c41e58bbc0adeb5b6fac0728fb5c6b9
SHA256

61524da8678a41fde173e317d1c638d8a775429550cee336f7e00122e9838319
SHA512

2232b20e3c8235a646886ba94a9bd9524b1f3b6a6c15292e2aa0d6c032a350c891f3bfd6f709b8d81e5c62f29b935e53b137fe7cbf4210cf62427d6ee807e29e
SSDEEP

12288:Ki8l1vGkvn6WIi9aDhoFPp37jtHslw7QF:f8dd6WIioDh+PzMlA

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  Trojan-Ransom.Win32.Blocker.hnwj-61524da8678a41fde173e317d1c638d8a775429550cee336f7e00122e9838319
- Size
  
  468KB
- MD5
  
  c02dd2d83fc74abccd43a8b01c91f083
- SHA1
  
  2e26a91a8c41e58bbc0adeb5b6fac0728fb5c6b9
- SHA256
  
  61524da8678a41fde173e317d1c638d8a775429550cee336f7e00122e9838319
- SHA512
  
  2232b20e3c8235a646886ba94a9bd9524b1f3b6a6c15292e2aa0d6c032a350c891f3bfd6f709b8d81e5c62f29b935e53b137fe7cbf4210cf62427d6ee807e29e
- SSDEEP
  
  12288:Ki8l1vGkvn6WIi9aDhoFPp37jtHslw7QF:f8dd6WIioDh+PzMlA
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2