f7dc6cfcc93ad200a615e4b0b1951e7ab159636eb48d8f19874dc1698e532812 | Triage

Sharing

General

Target

f7dc6cfcc93ad200a615e4b0b1951e7ab159636eb48d8f19874dc1698e532812
Size

216KB
Sample

221124-ppw5xsgf2v
MD5

88f9c81bf69cde243fa55d8b77b07dd2
SHA1

eee450f5fec2242d0d1057bd8e4d1f7ab2f11a6a
SHA256

f7dc6cfcc93ad200a615e4b0b1951e7ab159636eb48d8f19874dc1698e532812
SHA512

eeb6461292438f6d2ed90713d282c1535bb7c13ff2d085861b34dd0e3d45fdc8e07f0676b3f52bd76eea8392027ee88412cf649735084a7115c6ae6156e426dc
SSDEEP

6144:L63B7PRp/6XP90OzsKP58jeLq4oYXskCTMC1j:WR7pU/mqBPOMzStJ

Score

9^/10

evasion ransomware

Malware Config

Targets

- Target
  
  f7dc6cfcc93ad200a615e4b0b1951e7ab159636eb48d8f19874dc1698e532812
- Size
  
  216KB
- MD5
  
  88f9c81bf69cde243fa55d8b77b07dd2
- SHA1
  
  eee450f5fec2242d0d1057bd8e4d1f7ab2f11a6a
- SHA256
  
  f7dc6cfcc93ad200a615e4b0b1951e7ab159636eb48d8f19874dc1698e532812
- SHA512
  
  eeb6461292438f6d2ed90713d282c1535bb7c13ff2d085861b34dd0e3d45fdc8e07f0676b3f52bd76eea8392027ee88412cf649735084a7115c6ae6156e426dc
- SSDEEP
  
  6144:L63B7PRp/6XP90OzsKP58jeLq4oYXskCTMC1j:WR7pU/mqBPOMzStJ
Score

9^/10

evasion ransomware
- Modifies boot configuration data using bcdedit
  ransomware evasion
- Drops file in Drivers directory
- Executes dropped EXE
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionransomware

behavioral2

evasionransomware