Overview

overview

9

Static

static

2ddb020a49...3e.exe

windows7-x64

9

2ddb020a49...3e.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2ddb020a499b7ac7936a11bc73f7a8e2dacd09eddd6cd8c6c51c7326f9c95d3e

  • Size

    180KB

  • Sample

    221126-eqa9qsba62

  • MD5

    a9927372adb1bbab4d9feda4973b99bb

  • SHA1

    afe047b6cb99dc22fe5861b38bc01499204f4aed

  • SHA256

    2ddb020a499b7ac7936a11bc73f7a8e2dacd09eddd6cd8c6c51c7326f9c95d3e

  • SHA512

    8729870e62ec803fa0e5a56dd6ce885d9ef852a6c43892258ef6d8a007e6c63609e29bd2c8a964b1b0a025a3444406e0f541f8af85a65c007887c9edadd0d5e5

  • SSDEEP

    3072:l0co4JQWrrjAkHClaFkX2KlR7zkB7gCcsUPmtVwVwHIofiFYrfavMAPN5w0nepC:VQAr7HCIFa2KlR787N2mtaVXMiqTaNjd

Score
9/10
persistenceransomware

Malware Config

Targets

    • Target

      2ddb020a499b7ac7936a11bc73f7a8e2dacd09eddd6cd8c6c51c7326f9c95d3e

    • Size

      180KB

    • MD5

      a9927372adb1bbab4d9feda4973b99bb

    • SHA1

      afe047b6cb99dc22fe5861b38bc01499204f4aed

    • SHA256

      2ddb020a499b7ac7936a11bc73f7a8e2dacd09eddd6cd8c6c51c7326f9c95d3e

    • SHA512

      8729870e62ec803fa0e5a56dd6ce885d9ef852a6c43892258ef6d8a007e6c63609e29bd2c8a964b1b0a025a3444406e0f541f8af85a65c007887c9edadd0d5e5

    • SSDEEP

      3072:l0co4JQWrrjAkHClaFkX2KlR7zkB7gCcsUPmtVwVwHIofiFYrfavMAPN5w0nepC:VQAr7HCIFa2KlR787N2mtaVXMiqTaNjd

    Score
    9/10
    ransomwarepersistence

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Drops startup file

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

File Deletion

2
T1107

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

2
T1490

Tasks