6849bf7b141ad9ee2bf5aaa7ebd0ccbbf97105e06d9ef333a48b540b6de13dcb | Triage

Sharing

General

Target

6849bf7b141ad9ee2bf5aaa7ebd0ccbbf97105e06d9ef333a48b540b6de13dcb
Size

2.0MB
Sample

221122-ydabfseg84
MD5

208163a38ece0c2ca35ccdc28b04bd3b
SHA1

2d969440afd52cd1d94a87822b885f4ea447b36e
SHA256

6849bf7b141ad9ee2bf5aaa7ebd0ccbbf97105e06d9ef333a48b540b6de13dcb
SHA512

f7ad0d180c3b9bbaff0c8c3d27ac0278f20479fc2b6f5d3d49fdd9d82601d96e4fa02556243843d2cec649fac7944e7138891f4d87aaae9fe9579e70022bacb1
SSDEEP

49152:agkESlEQbdmNTs36OtsJ0MH9awJOusluKOY:agcEWmNAK2E9a9usl

Score

9^/10

evasion ransomware

Malware Config

Targets

- Target
  
  6849bf7b141ad9ee2bf5aaa7ebd0ccbbf97105e06d9ef333a48b540b6de13dcb
- Size
  
  2.0MB
- MD5
  
  208163a38ece0c2ca35ccdc28b04bd3b
- SHA1
  
  2d969440afd52cd1d94a87822b885f4ea447b36e
- SHA256
  
  6849bf7b141ad9ee2bf5aaa7ebd0ccbbf97105e06d9ef333a48b540b6de13dcb
- SHA512
  
  f7ad0d180c3b9bbaff0c8c3d27ac0278f20479fc2b6f5d3d49fdd9d82601d96e4fa02556243843d2cec649fac7944e7138891f4d87aaae9fe9579e70022bacb1
- SSDEEP
  
  49152:agkESlEQbdmNTs36OtsJ0MH9awJOusluKOY:agcEWmNAK2E9a9usl
Score

9^/10

evasion ransomware
- Modifies boot configuration data using bcdedit
  ransomware evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionransomware

behavioral2