e35d0e2d9e40cc9047e8428e5ca5f81ea164309cceaab678b13557321706c711 | Triage

Submit
Reports

Overview

overview

9

Static

static

1

win_11 (1).rar

windows10-2004-x64

Resubmissions

23/03/2023, 08:58

230323-kw59ysef32 3

23/03/2023, 08:45

230323-kntk7aee75 9

Sharing

Copy URL Twitter E-mail

General

Target

win_11 (1).rar
Size

4.4MB
Sample

230323-kntk7aee75
MD5

c45ac6a17c9cd7fbd7c2718d10d10f5b
SHA1

2311946a6a12cf4d5f754ee409ecb56d3b9ac622
SHA256

e35d0e2d9e40cc9047e8428e5ca5f81ea164309cceaab678b13557321706c711
SHA512

f8affe3f6bf71a09297ec7d02629bfb81851aeb59dd5ab39310abb0aa3b3aac514d52da24717a63255c537fc5e615fd593016731f4769c6e9c5cc9728727656c
SSDEEP

98304:PhzBHesp/tbw5J5D3302MaIwqI4u09abw23QHB+x6aSNij3ybwVhlN:PhzBesxi5rlMaIgSHB+chWrJ

Score

9^/10

evasion persistence ransomware

Static task

static1

Behavioral task

behavioral1

Sample

win_11 (1).rar

Resource

win10v2004-20230220-en

evasion persistence ransomware

windows10-2004-x64

14 signatures

1800 seconds

Malware Config

Targets

- Target
  
  win_11 (1).rar
- Size
  
  4.4MB
- MD5
  
  c45ac6a17c9cd7fbd7c2718d10d10f5b
- SHA1
  
  2311946a6a12cf4d5f754ee409ecb56d3b9ac622
- SHA256
  
  e35d0e2d9e40cc9047e8428e5ca5f81ea164309cceaab678b13557321706c711
- SHA512
  
  f8affe3f6bf71a09297ec7d02629bfb81851aeb59dd5ab39310abb0aa3b3aac514d52da24717a63255c537fc5e615fd593016731f4769c6e9c5cc9728727656c
- SSDEEP
  
  98304:PhzBHesp/tbw5J5D3302MaIwqI4u09abw23QHB+x6aSNij3ybwVhlN:PhzBesxi5rlMaIgSHB+chWrJ
Score

9^/10

evasion persistence ransomware
- Modifies boot configuration data using bcdedit
  ransomware evasion
- Creates new service(s)
  persistence
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

New Service

Registry Run Keys / Startup Folder

Privilege Escalation

New Service

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionpersistenceransomware

© 2018-2025

Terms | Privacy