6c4a7799e03a0d814999a31b5fba583d877ae2c49270823989eb8eb11fcf615e | Triage

Sharing

General

Target

RansomWar.exe
Size

76KB
Sample

230109-vdb89seh69
MD5

ef22c21922fe2c563b88323a4d7c7ce9
SHA1

075dcc59a52a78fe51f00af199593fc69076563c
SHA256

6c4a7799e03a0d814999a31b5fba583d877ae2c49270823989eb8eb11fcf615e
SHA512

d670e81b43130dbfc44829aeb91fce2b03660b1a4e63c44c793394fd0369c91c57c76a5e9356d458f75102bc970f71998f3020846dbc565ebc71460227704e0c
SSDEEP

1536:JAFzIijLaq9JBsST6oxkaFyE5PP3lLuBZva8E4gy7ZIn+1y:JAFz5qKJBsST6kkaFP13lsa8E4gylZ1y

Score

6^/10

Malware Config

Targets

- Target
  
  RansomWar.exe
- Size
  
  76KB
- MD5
  
  ef22c21922fe2c563b88323a4d7c7ce9
- SHA1
  
  075dcc59a52a78fe51f00af199593fc69076563c
- SHA256
  
  6c4a7799e03a0d814999a31b5fba583d877ae2c49270823989eb8eb11fcf615e
- SHA512
  
  d670e81b43130dbfc44829aeb91fce2b03660b1a4e63c44c793394fd0369c91c57c76a5e9356d458f75102bc970f71998f3020846dbc565ebc71460227704e0c
- SSDEEP
  
  1536:JAFzIijLaq9JBsST6oxkaFyE5PP3lLuBZva8E4gy7ZIn+1y:JAFz5qKJBsST6kkaFP13lsa8E4gylZ1y
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2