270d5d46ea16e02b8bd73e23904653304d4bd41c79aaccf42cf0cce1efa8fb24 | Triage

Sharing

General

Target

270d5d46ea16e02b8bd73e23904653304d4bd41c79aaccf42cf0cce1efa8fb24
Size

348KB
Sample

221123-r4mwxaad36
MD5

9e4cab69981fa679c9a84375676fcc1d
SHA1

f58cc7f89276024b549330f7b957ff04d0ac1c42
SHA256

270d5d46ea16e02b8bd73e23904653304d4bd41c79aaccf42cf0cce1efa8fb24
SHA512

380fb1bf9e0d8f47bd166fe36cba92d7052cfe064c5cc390e28cf3f0c1e52dcf3b666246ca6ac06a3a79a30a1706c54e261ae53a4813030b5434929268b84528
SSDEEP

6144:nyWxwCjWwKpb7x+pyO1sYbg0L4J7CpLa6D+qtFukVYG74gdSNDkmmpybIWU:ny5ee7wpyvYby7CpLKqrVYhgYmmoyb

Score

9^/10

evasion ransomware

Malware Config

Targets

- Target
  
  270d5d46ea16e02b8bd73e23904653304d4bd41c79aaccf42cf0cce1efa8fb24
- Size
  
  348KB
- MD5
  
  9e4cab69981fa679c9a84375676fcc1d
- SHA1
  
  f58cc7f89276024b549330f7b957ff04d0ac1c42
- SHA256
  
  270d5d46ea16e02b8bd73e23904653304d4bd41c79aaccf42cf0cce1efa8fb24
- SHA512
  
  380fb1bf9e0d8f47bd166fe36cba92d7052cfe064c5cc390e28cf3f0c1e52dcf3b666246ca6ac06a3a79a30a1706c54e261ae53a4813030b5434929268b84528
- SSDEEP
  
  6144:nyWxwCjWwKpb7x+pyO1sYbg0L4J7CpLa6D+qtFukVYG74gdSNDkmmpybIWU:ny5ee7wpyvYby7CpLKqrVYhgYmmoyb
Score

9^/10

evasion ransomware
- Modifies boot configuration data using bcdedit
  ransomware evasion
- Drops file in Drivers directory
- Executes dropped EXE
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionransomware

behavioral2

evasionransomware