2cb1e6beb5a69968cc4e8abc350b03174625907ccd7dc254cf72f0901c0d102f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

DiscordWebSetup-SC.exe
Size

42.6MB
Sample

230310-nr9clafb8t
MD5

62ce846ac81ce9bb40439e55900cd8d5
SHA1

75c14819d1a82c020c7cc48acbdb099f081360fa
SHA256

2cb1e6beb5a69968cc4e8abc350b03174625907ccd7dc254cf72f0901c0d102f
SHA512

26c7806384e92c41d5e1c0ce55b6baacc42d3ffcb18baa0d66ae0a6945493c6c5df103c5a263014db564984e5a88be1fa98b53e92027159fe89324cb6d3efe6e
SSDEEP

786432:tOyU/2Q7AvJrzbLbXFHi/z5HuSjZ68MBji90KBt5h+INcHh6e77t6:tOykXohvLb1HoZ6Ti9zFhxN8V7E

Score

7^/10

persistence ransomware

Malware Config

Targets

- Target
  
  DiscordWebSetup-SC.exe
- Size
  
  42.6MB
- MD5
  
  62ce846ac81ce9bb40439e55900cd8d5
- SHA1
  
  75c14819d1a82c020c7cc48acbdb099f081360fa
- SHA256
  
  2cb1e6beb5a69968cc4e8abc350b03174625907ccd7dc254cf72f0901c0d102f
- SHA512
  
  26c7806384e92c41d5e1c0ce55b6baacc42d3ffcb18baa0d66ae0a6945493c6c5df103c5a263014db564984e5a88be1fa98b53e92027159fe89324cb6d3efe6e
- SSDEEP
  
  786432:tOyU/2Q7AvJrzbLbXFHi/z5HuSjZ68MBji90KBt5h+INcHh6e77t6:tOykXohvLb1HoZ6Ti9zFhxN8V7E
Score

7^/10

persistence ransomware
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

persistenceransomware