Overview

overview

9

Static

static

b06567bc25...2f.exe

windows7-x64

9

b06567bc25...2f.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    b06567bc251c55c6213b7d6efed37c5966ed3be62bf54689f2a450532d80542f

  • Size

    276KB

  • Sample

    221204-bxsktaef27

  • MD5

    1b09ce5084f72b67a78c10fe5c22fc58

  • SHA1

    c72043ba63b3bfcff990d26046ab4ff228ebbf0a

  • SHA256

    b06567bc251c55c6213b7d6efed37c5966ed3be62bf54689f2a450532d80542f

  • SHA512

    47eac0efa0bcd63505ea3b954068550912c9753c50db7a2b83a4b289fd625560ab8aa3fe09e934fc26e520cce307beecc21ea9a66be09acad47b21da9021f22c

  • SSDEEP

    6144:eWsTJRUJu+7/bj/+m8k5kR+bgI+rcSlNwG9:etJRUJueem2VXLn9

Score
9/10
discoveryransomware

Malware Config

Targets

    • Target

      b06567bc251c55c6213b7d6efed37c5966ed3be62bf54689f2a450532d80542f

    • Size

      276KB

    • MD5

      1b09ce5084f72b67a78c10fe5c22fc58

    • SHA1

      c72043ba63b3bfcff990d26046ab4ff228ebbf0a

    • SHA256

      b06567bc251c55c6213b7d6efed37c5966ed3be62bf54689f2a450532d80542f

    • SHA512

      47eac0efa0bcd63505ea3b954068550912c9753c50db7a2b83a4b289fd625560ab8aa3fe09e934fc26e520cce307beecc21ea9a66be09acad47b21da9021f22c

    • SSDEEP

      6144:eWsTJRUJu+7/bj/+m8k5kR+bgI+rcSlNwG9:etJRUJueem2VXLn9

    Score
    9/10
    discoveryransomware

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

      ransomware

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks