royal | d494fcabcac764a613af99f9326fd0a1ff9d81028e3776621b7faba9b188ca08 | Triage

Sharing

General

Target

221124-vwk9wscd91_pw_infected.zip
Size

1.3MB
Sample

230124-rcl6asdf2x
MD5

43323ad59f86782a9c9b170b61061bd7
SHA1

2c2eacf753afe863282fd4becd5c48ae459a86b8
SHA256

d494fcabcac764a613af99f9326fd0a1ff9d81028e3776621b7faba9b188ca08
SHA512

dce689e726ac8ee6e49064e3a7e468e02f020a729de28dfb9a96d5debe7c18392e1e0c33e9cffd863321fec5f767197a79b076ba7720e244a449a73b12a25f33
SSDEEP

24576:C0UQq9wBH5oT19OWqJELtC1XbFoh+DsTq31YpWsFZI7wCeg3O8y:CXDa4iHJaEXbFs+Y+1iQ0AO8y

Score

10^/10

royal ransomware

Malware Config

Targets

- Target
  
  f484f919ba6e36ff33e4fb391b8859a94d89c172a465964f99d6113b55ced429.exe
- Size
  
  2.9MB
- MD5
  
  df0b88dafe7a65295f99e69a67db9e1b
- SHA1
  
  db3163a09eb33ff4370ad162a05f4b2584a20456
- SHA256
  
  f484f919ba6e36ff33e4fb391b8859a94d89c172a465964f99d6113b55ced429
- SHA512
  
  2206969d222882dd8b7e3e5671311462266277d699e08e3016a7b3781b17390e8dd11956d8aaecae996a2c16227d7b2390eb84b9b8df26e39ffe8f38d5b76fbd
- SSDEEP
  
  49152:cDVwASOLGtlqrRIU6i9+vazNqQlJZP1BMU2thA8mNtNCiJlrRUFcJ7HIPcLzkw5c:wm+GaNqqJJ12vlZol8cJ7rc3
Score

9^/10

ransomware
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

ransomwareroyal

behavioral1

behavioral2