028e483bed0c1b82058abb6106b1c5fbcbc1d373b22ba4fa051108eaf7080f91 | Triage

Sharing

General

Target

028e483bed0c1b82058abb6106b1c5fbcbc1d373b22ba4fa051108eaf7080f91
Size

345KB
Sample

221129-na2anaga7v
MD5

6c6056a7353a8cf8744fe608cea84730
SHA1

6734e499e0de7fe55b3959d4cab063c6da33ca21
SHA256

028e483bed0c1b82058abb6106b1c5fbcbc1d373b22ba4fa051108eaf7080f91
SHA512

48e6858ada8f549ba59d6125f71f8f401599581565b86777fe65de7c9af37a492176438fdd6cdd3ec63cbdb95e311bb3cd8d3a58981b5296a3281286896fe051
SSDEEP

6144:6nDHGTp/jxo3QdWxUNosbn1PcI/IA4+tB2gHTOqmB96TffzurD7Xy70g+m553:6nDmN3bDUI/xB2gzU6ffeD7Xi0g+K

Score

9^/10

evasion ransomware

Malware Config

Targets

- Target
  
  028e483bed0c1b82058abb6106b1c5fbcbc1d373b22ba4fa051108eaf7080f91
- Size
  
  345KB
- MD5
  
  6c6056a7353a8cf8744fe608cea84730
- SHA1
  
  6734e499e0de7fe55b3959d4cab063c6da33ca21
- SHA256
  
  028e483bed0c1b82058abb6106b1c5fbcbc1d373b22ba4fa051108eaf7080f91
- SHA512
  
  48e6858ada8f549ba59d6125f71f8f401599581565b86777fe65de7c9af37a492176438fdd6cdd3ec63cbdb95e311bb3cd8d3a58981b5296a3281286896fe051
- SSDEEP
  
  6144:6nDHGTp/jxo3QdWxUNosbn1PcI/IA4+tB2gHTOqmB96TffzurD7Xy70g+m553:6nDmN3bDUI/xB2gzU6ffeD7Xi0g+K
Score

9^/10

evasion ransomware
- Modifies boot configuration data using bcdedit
  ransomware evasion
- Drops file in Drivers directory
- Executes dropped EXE
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionransomware

behavioral2

evasionransomware