royal | 4568f9dd1dc8fd256524e78f1d32d009eb0d5acbdc1a9d9507287832808e50e9 | Triage

Resubmissions

07-02-2023 21:14

230207-z3l7zsfa9w 10

07-02-2023 21:10

230207-z1fx7aff86 10

04-02-2023 03:46

230204-ebzc1sff9s 10

Sharing

General

Target

C.7z
Size

872KB
Sample

230204-ebzc1sff9s
MD5

cccc83f84ef321c7d604c17234c40f24
SHA1

7c9cd1a4d93077974869f421490303efb8823615
SHA256

4568f9dd1dc8fd256524e78f1d32d009eb0d5acbdc1a9d9507287832808e50e9
SHA512

2dacedd6f2146f459009aee0d43b9006e5ed8d269a31daa64fea669072660a9dabcc94e1a59ffcdf2c90b7127e2f97337cc5094b6e3c8fc1a274d3e2dffbcf7c
SSDEEP

24576:fOhM4s/+F8m6IuK4qzc9CzRAWyQnNEIOVzQiE/51PR1OoM:fOhMhG+K7zyC/TnoVQZ4oM

Score

10^/10

royal ransomware

Malware Config

Targets

- Target
  
  1.bat
- Size
  
  7KB
- MD5
  
  e0958318a44912e90bb2cd8729cfc9cb
- SHA1
  
  00ea479c600bb4e8fb47dfd284518248cbed51db
- SHA256
  
  68b1bf6dfcb95c273cf203194083b786a38ae6180a5ea4f9eb030563ddaf851a
- SHA512
  
  46d0873c2bbe6c4f6fc50a04a11baf56f4322e12a0f374005ca60c904fd5ee573b9aa44f4657f9f080cec856f98800f48e6acebe333b9d53491419e4cb15449c
- SSDEEP
  
  192:991l1D1b1s1Q13161V141e101e121r1R191j11181m1f1RW1X12W1w1c1z1q1N1A:9DbBJ8QF6LIeUemZnDhrMW90l3wsxqTA
Score

9^/10

ransomware
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
behavioral1 behavioral2
- Target
  
  1.exe
- Size
  
  2.1MB
- MD5
  
  e41f12a522a995f17843ecd4ea38091a
- SHA1
  
  11a2399ed08a3618762905753e639299dfe3dc43
- SHA256
  
  33e9f0c2664f1845ef32af75623184d61537ac4ea24c8e9993deffb4fdba71b1
- SHA512
  
  4efe1fc05920900dca5592f82a39fc07095148f36cb7a28daffa8b2de43e33a5bc16254b4204b7809b0cdac12de46afdf75fca8a8f4f90afad6127436d43cf02
- SSDEEP
  
  49152:AKdKdhwcjW7oPlIFP2a8cTPBn+zO+LH4Gh0LKUm:AKdQheoPOx8Mnb+
Score

9^/10

ransomware
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

ransomwareroyal

behavioral1

behavioral2

behavioral3

behavioral4