eba98da86f29d42f332389b92e69e88d3083c631cdd464735ecd94933fe7206c | Triage

Sharing

General

Target

Trojan-Ransom.Win32.Blocker.enys-eba98da86f29d42f332389b92e69e88d3083c631cdd464735ecd94933fe7206c
Size

4.3MB
Sample

221106-yaglcsbfar
MD5

92aaf586af3450c443fb45c350e8db60
SHA1

dd611e6c67771bcba76904d0f7cace1782552ba4
SHA256

eba98da86f29d42f332389b92e69e88d3083c631cdd464735ecd94933fe7206c
SHA512

7f48965cae3deecfa3f09d962b048f66531483dbf093c1f323cd6ea4115eb97260441e486151de454e88f8af0ddaed6f5c4a138d5627500ee5b5beafa49c818e
SSDEEP

49152:Ilg5Lml4g0rBKjQSGFCXQLFqejC+HOQaX6VtM/C82sHVCZJ77OXJSbcTfTOYUK:I8LmlV0Oej67G6C8lCZtOXJSY

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  Trojan-Ransom.Win32.Blocker.enys-eba98da86f29d42f332389b92e69e88d3083c631cdd464735ecd94933fe7206c
- Size
  
  4.3MB
- MD5
  
  92aaf586af3450c443fb45c350e8db60
- SHA1
  
  dd611e6c67771bcba76904d0f7cace1782552ba4
- SHA256
  
  eba98da86f29d42f332389b92e69e88d3083c631cdd464735ecd94933fe7206c
- SHA512
  
  7f48965cae3deecfa3f09d962b048f66531483dbf093c1f323cd6ea4115eb97260441e486151de454e88f8af0ddaed6f5c4a138d5627500ee5b5beafa49c818e
- SSDEEP
  
  49152:Ilg5Lml4g0rBKjQSGFCXQLFqejC+HOQaX6VtM/C82sHVCZJ77OXJSbcTfTOYUK:I8LmlV0Oej67G6C8lCZtOXJSY
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2