f60bb4f7e9a0bfc907b97dc4988e73f43375539e46ea4e88dcde95da70340063 | Triage

Submit
Reports

Overview

overview

9

Static

static

f60bb4f7e9...63.exe

windows7-x64

9

f60bb4f7e9...63.exe

windows10-2004-x64

7

Sharing

General

Target

f60bb4f7e9a0bfc907b97dc4988e73f43375539e46ea4e88dcde95da70340063
Size

240KB
Sample

221126-fmskaage9x
MD5

b8c0eedfe9d2b511cd073910c7e42f10
SHA1

fe74589e2c22e0af63365236d01c467c77ee097a
SHA256

f60bb4f7e9a0bfc907b97dc4988e73f43375539e46ea4e88dcde95da70340063
SHA512

8c2a281682d0c5cfa54f088c77d5d979a6759fbbe0e015d9dd052fd3ef9f6a2b61bcc186939215a91a0a1281b3c58f71d5c5480f76de1eede55f8bc2c12316d6
SSDEEP

6144:CJUTzlgAJsZZufV6SBJ2xsqP3EckX1laG:C2TxgAmH8V6SX2/PPu1lT

Score

9^/10

persistence ransomware

Static task

static1

Behavioral task

behavioral1

Sample

f60bb4f7e9a0bfc907b97dc4988e73f43375539e46ea4e88dcde95da70340063.exe

Resource

win7-20221111-en

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

f60bb4f7e9a0bfc907b97dc4988e73f43375539e46ea4e88dcde95da70340063.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  f60bb4f7e9a0bfc907b97dc4988e73f43375539e46ea4e88dcde95da70340063
- Size
  
  240KB
- MD5
  
  b8c0eedfe9d2b511cd073910c7e42f10
- SHA1
  
  fe74589e2c22e0af63365236d01c467c77ee097a
- SHA256
  
  f60bb4f7e9a0bfc907b97dc4988e73f43375539e46ea4e88dcde95da70340063
- SHA512
  
  8c2a281682d0c5cfa54f088c77d5d979a6759fbbe0e015d9dd052fd3ef9f6a2b61bcc186939215a91a0a1281b3c58f71d5c5480f76de1eede55f8bc2c12316d6
- SSDEEP
  
  6144:CJUTzlgAJsZZufV6SBJ2xsqP3EckX1laG:C2TxgAmH8V6SX2/PPu1lT
Score

9^/10

ransomware persistence
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Drops startup file
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

File Deletion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy