bf7beeebb100be3ee5f9b2f219969bbec1ff31a2868a21ff4558f10bcad634f5 | Triage

Sharing

General

Target

bf7beeebb100be3ee5f9b2f219969bbec1ff31a2868a21ff4558f10bcad634f5
Size

611KB
Sample

221124-esmqjsgd55
MD5

899be157b06c0e3a98dd00ff57d7b633
SHA1

52c6d56244506686fae547845a5f2f7ca04c368d
SHA256

bf7beeebb100be3ee5f9b2f219969bbec1ff31a2868a21ff4558f10bcad634f5
SHA512

fcfe193659aa97a784b0bfc9c0e6f60399bde2b596c092cec3e666014ffd9955b3f841bdc73713affdf5985e39ff1f3507210715b80bd0221caa198daf1d4a44
SSDEEP

12288:VWYCxxSVs/MQdyAtULk/2QoMkNB130sS62:juyQvmtc4B1

Score

6^/10

persistence ransomware

Malware Config

Targets

- Target
  
  bf7beeebb100be3ee5f9b2f219969bbec1ff31a2868a21ff4558f10bcad634f5
- Size
  
  611KB
- MD5
  
  899be157b06c0e3a98dd00ff57d7b633
- SHA1
  
  52c6d56244506686fae547845a5f2f7ca04c368d
- SHA256
  
  bf7beeebb100be3ee5f9b2f219969bbec1ff31a2868a21ff4558f10bcad634f5
- SHA512
  
  fcfe193659aa97a784b0bfc9c0e6f60399bde2b596c092cec3e666014ffd9955b3f841bdc73713affdf5985e39ff1f3507210715b80bd0221caa198daf1d4a44
- SSDEEP
  
  12288:VWYCxxSVs/MQdyAtULk/2QoMkNB130sS62:juyQvmtc4B1
Score

6^/10

persistence ransomware
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

Tasks

static1

behavioral1

persistenceransomware

behavioral2

persistenceransomware