Overview

overview

8

Static

static

Rensenware.exe

windows7-x64

8

Rensenware.exe

windows10-2004-x64

8

Rensenware_forcer.exe

windows7-x64

1

Rensenware_forcer.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Rensenware.zip

  • Size

    88KB

  • Sample

    221124-wr6kpsec3w

  • MD5

    6f86944db7a495a640b91d2cff4b5cce

  • SHA1

    9b05194d6fe23ecbf3973f81aefcca833c302d4e

  • SHA256

    dd50c3ba967fa3422b1656f1f231fc4d3d8adfefce64d28c220b2bdc6a3319be

  • SHA512

    5d8a947f1bbcb2b4e0a3effec0388e56c595b037f243c2d03cb0106d89476cc0a3bf611ee86fb93832e3b44854bf50fa71d039b0fc364a0c9097a67c6615feff

  • SSDEEP

    1536:c7OyzjjfLHRYKrPQ7f14kM52vPJBB0+xJN94MMUWPcmhp0bGgjezHEwXNjwCwN:c62HzxYKCfw2vPJ3Nx2MMUW0mhGbqLj+

Score
8/10
ransomwarespywarestealer

Malware Config

Targets

    • Target

      Rensenware.exe

    • Size

      96KB

    • MD5

      60335edf459643a87168da8ed74c2b60

    • SHA1

      61f3e01174a6557f9c0bfc89ae682d37a7e91e2e

    • SHA256

      7bf5623f0a10dfa148a35bebd899b7758612f1693d2a9910f716cf15a921a76a

    • SHA512

      b4e5e4d4f0b4a52243d6756c66b4fe6f4b39e64df7790072046e8a3dadad3a1be30b8689a1bab8257cc35cb4df652888ddf62b4e1fccb33e1bbf1f5416d73efb

    • SSDEEP

      3072:kGXc7vE4k8sWJnmiWpJtCkGwJ1ED7qztG:RXD8sWBmiW0wX6Gx

    Score
    8/10
    ransomwarespywarestealer

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

      ransomware

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

    • Target

      Rensenware_forcer.exe

    • Size

      9KB

    • MD5

      48dd978edac7cce6386513f6b96ec090

    • SHA1

      289484ecba676e54a8ba8059be1152ecf27409fe

    • SHA256

      262dfde7073dca4bc876bcb13b03f7f193d536ca7ddb7b72de4a768eb3dcdb5c

    • SHA512

      fc9bbf59445689b128f145e9b83b38a1b4f27c5e1ec01319c604ef1313cec47b821014f1ee8b59e7f5a05064d65cdab3868a73d90276f12059bc98872884acc7

    • SSDEEP

      192:OC+0ocXFv/rworE2RiK4SJSwPP7E5pz6j9ib:OQ3rworX4KTJRPP7

    Score
    1/10
    behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks